The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - Nov.-Dec. (2012 vol.9)
pp: 917-929
Jordi Cucurull , Linköping University, Linköping
Mikael Asplund , Linköping University, Linköping
Simin Nadjm-Tehrani , Linköping University, Linköping
Tiziano Santoro , Linköping University, Linköping
ABSTRACT
In the event of a disaster, telecommunication infrastructures can be severely damaged or overloaded. Hastily formed networks can provide communication services in an ad hoc manner. These networks are challenging due to the chaotic context where intermittent connection is the norm and the identity and number of participants cannot be assumed. In such environments malicious actors may try to disrupt the communications to create more chaos for their own benefit. This paper proposes a general security framework for monitoring and reacting to disruptive attacks. It includes a collection of functions to detect anomalies, diagnose them, and perform mitigation. The measures are deployed in each node in a fully distributed fashion, but their collective impact is a significant resilience to attacks, so that the actors can disseminate information under adverse conditions. The approach has been evaluated in the context of a simulated disaster area network with a manycast dissemination protocol, Random Walk Gossip, with a store-and-forward mechanism. A challenging threat model where adversaries may attempt to reduce message dissemination or drain network resources without spending much of their own energy has been adopted.
INDEX TERMS
Network security, Detectors, Mobile ad hoc networks, Monitoring, survivability, Delay-tolerant networks, manycast, intrusion tolerance
CITATION
Jordi Cucurull, Mikael Asplund, Simin Nadjm-Tehrani, Tiziano Santoro, "Surviving Attacks in Challenged Networks", IEEE Transactions on Dependable and Secure Computing, vol.9, no. 6, pp. 917-929, Nov.-Dec. 2012, doi:10.1109/TDSC.2012.67
REFERENCES
[1] P.J. Denning, "Hastily Formed Networks," Comm. ACM, vol. 49, no. 4, pp. 15-20, 2006.
[2] M. Asplund and S. Nadjm-Tehrani, "A Partition-Tolerant Manycast Algorithm for Disaster Area Networks," Proc. IEEE Symp. Reliable Distributed Systems, pp. 156-165, 2009.
[3] E. Kuiper and S. Nadjm-Tehrani, "Geographical Routing with Location Service in Intermittently Connected MANETs," IEEE Trans. Vehicular Technology, vol. 60, no. 2, pp. 592-604, Feb. 2011.
[4] B. Steckler, B.L. Bradford, and S. Urrea, "Hastily Formed Networks for Complex Humanitarian Disasters After Action Report and Lessons Learned from the Naval Postgraduate School's Response to Hurricane Katrina," technical report, Naval Postgraduate School, 2005.
[5] N. Aschenbruck, E. Gerhards-Padilla, M. Gerharz, M. Frank, and P. Martini, "Modelling Mobility in Disaster Area Scenarios," Proc. 10th ACM Symp. Modeling, Analysis, and Simulation of Wireless and Mobile Systems (MSWiM), pp. 4-12, 2007.
[6] J. Cho, A. Swami, and I. Chen, "A Survey on Trust Management for Mobile Ad Hoc Networks," IEEE Comm. Surveys Tutorials, vol. 13, no. 4, pp. 562-583, Fourth Quarter 2011.
[7] P. Prasithsangaree and P. Krishnamurthy, "On a Framework for Energy-Efficient Security Protocols in Wireless Networks," Computer Comm., vol. 27, no. 17, pp. 1716-1729, 2004.
[8] N. Potlapally, S. Ravi, A. Raghunathan, and N. Jha, "A Study of the Energy Consumption Characteristics of Cryptographic Algorithms and Security Protocols," IEEE Trans. Mobile Computing, vol. 5, no. 2, pp. 128-143, Feb. 2006.
[9] H. Nakayama, S. Kurosawa, A. Jamalipour, Y. Nemoto, and N. Kato, "A Dynamic Anomaly Detection Scheme for AODV-Based Mobile Ad Hoc Networks," IEEE Trans. Vehicular Technology, vol. 58, no. 5, pp. 2471-2481, June 2009.
[10] Y. Liu, Y. Li, H. Man, and W. Jiang, "A Hybrid Data Mining Anomaly Detection Technique in Ad Hoc Networks," Int'l J. Wireless and Mobile Computing, vol. 2, no. 1, pp. 37-46, 2007.
[11] J.B. Cabrera, C. Gutiérrez, and R.K. Mehra, "Ensemble Methods for Anomaly Detection and Distributed Intrusion Detection in Mobile Ad-Hoc Networks," Information Fusion, vol. 9, no. 1, pp. 96-119, 2008.
[12] E. Gerhards-Padilla, N. Aschenbruck, and P. Martini, "TOGBAD an Approach to Detect Routing Attacks in Tactical Environments," Security and Comm. Networking, vol. 4, pp. 793-806, 2011.
[13] H. Yang, H. Luo, F. Ye, S. Lu, and L. Zhang, "Security in Mobile Ad Hoc Networks: Challenges and Solutions," IEEE Wireless Comm. Magazine, vol. 11, no. 1, pp. 38-47, Feb. 2004.
[14] V. Chandola, A. Banerjee, and V. Kumar, "Anomaly Detection: A Survey," ACM Computing Surveys, vol. 41, article 15, 2009.
[15] P. García-Teodoro, J. Díaz-Verdejo, G. Maciá-Fernández, and E. Vázquez, "Anomaly-Based Network Intrusion Detection: Techniques, Systems and Challenges," Computers & Security, vol. 28, nos. 1/2, pp. 18-28, 2009.
[16] C. Xenakis, C. Panos, and I. Stavrakakis, "A Comparative Evaluation of Intrusion Detection Architectures for Mobile Ad Hoc Networks," Computers & Security, vol. 30, no. 1, pp. 63-80, 2011.
[17] M. Chuah, P. Yang, and J. Han, "A Ferry-Based Intrusion Detection Scheme for Sparsely Connected Ad Hoc Networks," Proc. Fourth Ann. Int'l Conf. Mobile and Ubiquitous Systems: Networking & Services, pp. 1-8, 2007.
[18] Y. Ren, M.C. Chuah, J. Yang, and Y. Chen, "Detecting Wormhole Attacks in Delay-Tolerant Networks," IEEE Wireless Comm. Magazine, vol. 17, no. 5, pp. 36-42, Oct. 2010.
[19] R. Sommer and V. Paxson, "Outside the Closed World: On Using Machine Learning for Network Intrusion Detection," Proc. IEEE Symp. Security and Privacy (SP), 2010.
[20] S. Axelsson, "The Base-Rate Fallacy and the Difficulty of Intrusion Detection," ACM Trans. Information Systems Security, vol. 3, no. 3. pp. 186-205, 2005.
[21] G. Vigna, S. Gwalani, K. Srinivasan, E. Belding-Royer, and R. Kemmerer, "An Intrusion Detection Tool for AODV-Based Ad Hoc Wireless Networks," Proc. 20th Ann. Computer Security Applications Conf., 2004.
[22] S. Razak, S. Furnell, N. Clarke, and P. Brooke, "Friend-Assisted Intrusion Detection and Response Mechanisms for Mobile Ad Hoc Networks," Ad Hoc Networks, vol. 6, no. 7, pp. 1151-1167, 2008.
[23] S. Şen, J.A. Clark, and J.E. Tapiador, "Power-Aware Intrusion Detection in Mobile Ad Hoc Networks," Ad Hoc Networks, vol. 28, pp. 224-239, 2010.
[24] B. Sun, K. Wu, and U.W. Pooch, "Zone-Based Intrusion Detection for Ad Hoc Networks," Ad Hoc Sensor Wireless Networks, 2004.
[25] A. Deodhar and R. Gujarathi, "A Cluster Based Intrusion Detection System for Mobile Ad Hoc Networks," technical report, Virginia Polytechnic Inst. & State Univ,
[26] S.-H. Wang, C.H. Tseng, K. Levitt, and M. Bishop, "Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks," Proc. Recent Advances in Intrusion Detection, pp. 127-145, 2007.
[27] E. Ayday, H. Lee, and F. Fekri, "Trust Management and Adversary Detection for Delay Tolerant Networks," Proc. Military Comm. Conf. (MILCOM), 2010.
[28] Z. Zhao, H. Hu, G.-J. Ahn, and R. Wu, "Risk-Aware Response for Mitigating Manet Routing Attacks," Proc. IEEE GLOBECOM, 2010.
[29] F. Li, J. Wu, and A. Srinivasan, "Thwarting Blackhole Attacks in Disruption-Tolerant Networks Using Encounter Tickets," Proc. IEEE INFOCOM, 2009.
[30] J. Solis, N. Asokan, K. Kostiainen, P. Ginzboorg, and J. Ott, "Controlling Resource Hogs in Mobile Delay-Tolerant Networks," Computer Comm., vol. 33, no. 1, pp. 2-10, 2010.
[31] C.H. Tseng, S.-H. Wang, C. Ko, and K. Levitt, "DEMEM: Distributed Evidence-Driven Message Exchange Intrusion Detection Model for MANET," Proc. Conf. Recent Advances in Intrusion Detection, pp. 249-271, 2006.
[32] Y.-A. Huang and W. Lee, "A Cooperative Intrusion Detection System for Ad Hoc Networks," Proc. First ACM Workshop Security of Ad Hoc and Sensor Networks (SASN), pp. 135-147, 2003.
[33] J. Cucurull, M. Asplund, and S. Nadjm-Tehrani, "Anomaly Detection and Mitigation for Disaster Area Networks," Proc. 13th Int'l Conf. Recent Advances in Intrusion Detection, S. Jha, R. Sommer, and C. Kreibich, eds., pp. 339-359, 2010.
[34] M. Raciti, J. Cucurull, and S. Nadjm-Tehrani, "Energy-Based Adaptation in Simulations of Survivability of Ad Hoc Communication," Proc. IFIP Wireless Days (WD), 2011.
[35] D.S. Moore and G.P.M. Cabe, Introduction to the Practice of Statistics, fifth ed. W.H. Freeman, 2005.
[36] J. Cucurull, S. Nadjm-Tehrani, and M. Raciti, "Modular Anomaly Detection for Smartphone Ad Hoc Communication," Proc. 16th Nordic Conf. Secure IT Systems (NordSec '11), 2011.
[37] "Hastily Formed Networks," http://www.ida.liu.se/~rtslabHFN, 2012.
68 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool