The pervasiveness of wireless devices and the architectural organization of wireless networks in distributed communities, where no notion of trust can be assumed, are the main reasons for the growing interest in the issue of compliance to protocol rules. Reliable and timely detection of deviation from legitimate protocol operation is recognized as a prerequisite for ensuring efficient and fair use of network resources and minimizing performance losses. Nevertheless, the random nature of protocol operation together with the inherent difficulty of monitoring in the open and highly volatile wireless medium poses significant challenges. In this paper, we consider the fundamental problem of detection of node misbehavior at the MAC layer. Starting from a model where the behavior of a node is observable, we cast the problem within a minimax robust detection framework, with the objective to provide a detection rule of optimum performance for the worst-case attack. The performance is measured in terms of required number of observations in order to derive a decision. This framework is meaningful for studying misbehavior because it captures the presence of uncertainty of attacks and concentrates on the attacks that are most significant in terms of incurred performance losses. It also refers to the case of an intelligent attacker that can adapt its policy to avoid being detected. Although the basic model does not include interference, we show that our ideas can be extended to the case where observations are hindered by interference due to concurrent transmissions. We also present some hints for the problem of notifying the rest of the network about a misbehavior event. Our work provides interesting insights and performance bounds and serves as a prelude to a future study that would capture more composite instances of the problem.
ISR develops, applies and teaches advanced methodologies of design and analysis toAbstract Selfish behavior at the MAC layer can have devastating side effects on the performance of wireless networks, similar to the effects of DoS attacks. In this paper we focus on the prevention and detection of the manipulation of the backoff mechanism by selfish nodes in 802.11. We first propose an algorithm to ensure honest backoffs when at least one, either the receiver or the sender is honest. Then we discuss detection algorithms to deal with the problem of colluding selfish nodes. Although we have focused on the MAC layer of 802.11, our approach is general and can serve as a guideline for the design of any probabilistic distributed MAC protocol.
Abstract-We revisit the problem of detecting greedy behavior in the IEEE 802.11 MAC protocol by evaluating the performance of two previously proposed schemes: DOMINO and the Sequential Probability Ratio Test (SPRT). Our evaluation is carried out in four steps. We first derive a new analytical formulation of the SPRT that considers access to the wireless medium in discrete time slots. Then, we introduce an analytical model for DOMINO. As a third step, we evaluate the theoretical performance of SPRT and DOMINO with newly introduced metrics that take into account the repeated nature of the tests. This theoretical comparison provides two major insights into the problem: it confirms the optimality of SPRT, and motivates us to define yet another test: a nonparametric CUSUM statistic that shares the same intuition as DOMINO but gives better performance. We finalize the paper with experimental results, confirming the correctness of our theoretical analysis and validating the introduction of the new nonparametric CUSUM statistic.
The widespread deployment of wireless networks and hot spots that employ the IEEE 802.11 technology has forced network designers to put emphasis on the importance of ensuring efficient and fair use of network resources. In this work we propose a novel framework for detection of intelligent adaptive adversaries in the IEEE 802.11 MAC by addressing the problem of detection of the worst-case scenario attacks. Utilizing the nature of this protocol we employ sequential detection methods for detecting greedy behavior and illustrate their performance for detection of least favorable attacks. By using robust statistics in our problem formulation, we attempt to utilize the precision given by parametric tests, while avoiding the specification of the adversarial distribution. This approach establishes the lowest performance bound of a given Intrusion Detection System (IDS) in terms of detection delay and is applicable in online detection systems where users who pay for their services want to obtain the information about the best and the worst case scenarios and performance bounds of the system. This framework is meaningful for studying misbehavior due to the fact that it does not focus on specific adversarial strategies and therefore is applicable to a wide class of adversarial strategies.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.