An on-line wireless attack detection system using multi-layer data fusion
Francisco J. Aparicio-Navarro,Konstantinos G. Kyriakopoulos,David J. Parish +2 more
- 01 Dec 2011
- pp 1-5
TL;DR: A synergistic approach of fusing decisions of whether an attack takes place by using multiple measurements from different layers of wireless communication networks, with the ultimate goal of limiting false alarms by combining beliefs from various network layers is described.
read more
Abstract: Computer networks and more specifically wireless communication networks are increasingly becoming susceptible to more sophisticated and untraceable attacks. Most of the current Intrusion Detection Systems either focus on just one layer of observation or use a limited number of metrics without proper data fusion techniques. However, the true status of a network is rarely accurately detectable by examining only one network layer. This paper describes a synergistic approach of fusing decisions of whether an attack takes place by using multiple measurements from different layers of wireless communication networks. The described method is implemented on a live system that monitors a wireless network in real time and gives an indication of whether a malicious frame exists or not. This is achieved by analysing specific metrics and comparing them against historical data. The proposed system assigns for each metric a belief of whether an attack takes place or not. The beliefs from different metrics are fused with the Dempster-Shafer technique with the ultimate goal of limiting false alarms by combining beliefs from various network layers. The on-line experimental results show that cross-layer techniques and data fusion perform more efficiently compared to conventional methods.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Figures
TABLE I. EXAMPLE EVENT PROBABILITIES ASSIGNED BY AND 
TABLE V. SINGLE METRIC RESULTS UTILISING TTL 
TABLE II. CROSS LAYER RESULTS UTILISING RSSI, INJ. RATE AND TTL 
TABLE IV. DUAL METRIC RESULTS UTILISING INJ. RATE AND TTL 
TABLE III. DUAL METRIC RESULTS UTILISING INJ. RATE AND RSSI 
Figure 2. Methodology flowchart.
Citations
Anomaly-based intrusion detection of jamming attacks, local versus collaborative detection
Alexandros Fragkiadakis,Vasilios A. Siris,Nikolaos E. Petroulakis,Apostolos Traganitis +3 more
- 10 Feb 2015
TL;DR: This work compares the performance of local algorithms on the basis of the signal-to-interference-plus-noise ratio SINR executing independently at several monitors, with a collaborative detection algorithm that fuses the outputs provided by these algorithms with the Dempster-Shafer theory of evidence algorithm.
Manual and Automatic assigned thresholds in multi-layer data fusion intrusion detection system for 802.11 attacks
TL;DR: This study presents a comparison between manual and automatic BPA methods using the D–S technique and shows that multi-layer techniques perform more efficiently when compared with conventional methods.
•Proceedings Article
A multi-layer data fusion system for Wi-Fi attack detection using automatic belief assignment
Francisco J. Aparicio-Navarro,Konstantinos G. Kyriakopoulos,David J. Parish +2 more
- 10 Jun 2012
TL;DR: A novel BPA methodology able to automatically adapt its detection capabilities to the current measured characteristics, with a light weight process of generating a baseline profile of normal utilisation and without intervention from the IDS administrator is described.
9
An automatic and self-adaptive multi-layer data fusion system for WiFi attack detection
TL;DR: A novel BPA methodology able to automatically adapt its detection capabilities to the current measured characteristics, without intervention from the IDS administrator is described.
A Multi-Parameter Trust Framework for Mobile Ad Hoc Networks
Ji Guo,Alan G. Marshall,Bosheng Zhou +2 more
- 01 Jan 2014
TL;DR: This chapter presents a novel trust model called Multi-Parameter Trust Framework for Mobile ad hoc networks (MTFM), which uses its use of multiple rather than a single parameter to decide the resulting trust value, applying Grey theory.
4
References
•Book
Data Mining: Practical Machine Learning Tools and Techniques
Ian H. Witten,Eibe Frank,Mark Hall +2 more
- 25 Oct 1999
TL;DR: This highly anticipated third edition of the most acclaimed work on data mining and machine learning will teach you everything you need to know about preparing inputs, interpreting outputs, evaluating results, and the algorithmic methods at the heart of successful data mining.
25.4K
A Cross-layer Approach to Detect Jamming Attacks in Wireless Ad hoc Networks
Geethapriya Thamilarasu,Sumita Mishra,Ramalingam Sridhar +2 more
- 23 Oct 2006
TL;DR: This work presents a decentralized monitor-based IDS for detecting jamming type denial of service (DoS) attacks at the lower layers of the protocol stack and incorporates a cross-layer design in this IDS to differentiate the malicious jamming behavior from genuine network failures.
53
Cross-Layer Based Anomaly Detection in Wireless Mesh Networks
Xia Wang,Johnny Wong,Fred Philip Stanley,Samik Basu +3 more
- 20 Jul 2009
TL;DR: A cross-layer based anomaly intrusion detection system (IDS) to accommodate the integrated property of routing protocols with link information in wireless mesh networks (WMNs) is proposed and an IDS software prototype over a wireless mesh network testbed is implemented and evaluated.
53
Data fusion algorithms for network anomaly detection: classification and evaluation
V. Chatzigiannakis,Georgios Androulidakis,Konstantinos Pelechrinis,Symeon Papavassiliou,Vasilis Maglaris +4 more
- 19 Jun 2007
TL;DR: In this paper, a classification of anomaly detection algorithms based on data fusion is presented, and it is revealed that in principle the conditions under which they operate efficiently are complementary, and therefore could be used effectively in an integrated way to detect a wider range of attacks.
Anomaly Detection Using the Dempster-Shafer Method
Qi Chen,Uwe Aickelin +1 more
TL;DR: It is shown that by combining multiple signals it is possible to achieve better results than by using a single signal, and by applying this approach to a real-world email dataset the algorithm works for email worm detection.
Related Papers (5)
Yingying Chen,Wade Trappe,Richard Martin +2 more
- 01 May 2007
Nancy Alrajei,Huirong Fu,Ye Zhu +2 more
- 30 Apr 2016