Anomaly detection and mitigation for disaster area networks
2010 (English)In: Recent Advances in Intrusion Detection: 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15-17, 2010. Proceedings / [ed] Somesh Jha, Robin Sommer and Christian Kreibich, Springer Berlin/Heidelberg, 2010, 339-359 p.Chapter in book (Refereed)
One of the most challenging applications of wireless networking are in disaster area networks where lack of infrastructure, limited energy resources, need for common operational picture and thereby reliable dissemination are prevalent.In this paper we address anomaly detection in intermittently connected mobile ad hoc networks in which there is little or no knowledge about the actors on the scene, and opportunistic contacts together with a store-and-forward mechanism are used to overcome temporary partitions. The approach uses a statistical method for detecting anomalies when running a manycast protocol for dissemination of important messages to k receivers. Simulation of the random walk gossip (RWG) protocol combined with detection and mitigation mechanisms is used to illustrate that resilience can be built into a network in a fully distributed and attack-agnostic manner, at a modest cost in terms of drop in delivery ratio and additional transmissions. The approach is evaluated with attacks by adversaries that behave in a similar manner to fair nodes when invoking protocol actions.
Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2010. 339-359 p.
Lecture Notes in Computer Science, ISSN 0302-9743 (print), 1611-3349 (online) ; 6307
security, anomaly detection, disaster area networks
IdentifiersURN: urn:nbn:se:liu:diva-59820DOI: 10.1007/978-3-642-15512-3_18ISBN: 978-3-642-15511-6ISBN: 3-642-15511-1OAI: oai:DiVA.org:liu-59820DiVA: diva2:353314
The original publication is available at www.springerlink.com: Jordi Cucurull, Simin Nadjm-Tehrani and Mikael Asplund, Anomaly detection and mitigation for disaster area networks, 2010, Lecture Notes in Computer Science: RAID 2010, 339-359. http://dx.doi.org/10.1007/978-3-642-15512-3_18 Copyright: Springer Verlag http://www.springerlink.com/2010-09-292010-09-252015-03-02Bibliographically approved