Modular Anomaly Detection for Smartphone Ad Hoc Communication
2012 (English)In: Information Security Technology for Applications: 16th Nordic Conference on Secure IT Systems, NordSec 2011, Tallinn, Estonia, October 26-28, 2011, Revised Selected Papers / [ed] Peeter Laud, Springer Berlin/Heidelberg, 2012, Vol. 7161, 65-81 p.Chapter in book (Refereed)
The capabilities of the modern smartphones make them the obvious platform for novel mobile applications. The open architectures, however, also create new vulnerabilities. Measures for prevention, detection, and reaction need to be explored with the peculiarities that resource-constrained devices impose. Smartphones, in addition to cellular broadband network capabilities, include WiFi interfaces that can even be deployed to set up a mobile ad hoc network (MANET). While intrusion detection in MANETs is typically evaluated with network simulators, we argue that it is important to implement and test the solutions in real devices to evaluate their resource footprint. This paper presents a modular implementation of an anomaly detection and mitigation mechanism on top of a dissemination protocol for intermittently-connected MANETs. The overhead of the security solution is evaluated in a small testbed based on three Android-based handsets and a laptop. The study shows the feasibility of the statistics-based anomaly detection regime, having low CPU usage, little added latency, and acceptable memory footprint.
Place, publisher, year, edition, pages
Springer Berlin/Heidelberg, 2012. Vol. 7161, 65-81 p.
Lecture Notes in Computer Science, ISSN 0302-9743 (print), 1611-3349 (online) ; 7161
intrusion detection; resource footprint; ad hoc networking
Engineering and Technology
IdentifiersURN: urn:nbn:se:liu:diva-87581DOI: 10.1007/978-3-642-29615-4_6ISI: 000310342000006ISBN: 978-3-642-29614-7ISBN: e-978-3-642-29615-4OAI: oai:DiVA.org:liu-87581DiVA: diva2:589547