Issue No. 01 - Jan. (2013 vol. 24)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TPDS.2012.104
Jie Yang , Dept. of Comput. Sci. & Eng., Oakland Univ., Rochester, MI, USA
Yingying Chen , Dept. of Electr. & Comput. Eng., Stevens Inst. of Technol., Hoboken, NJ, USA
W. Trappe , WINLAB, Rutgers, State Univ. of New Jersey, North Brunswick, NJ, USA
J. Cheng , Dept. of Med., Univ. of Med. & Dentistry of New Jersey, New Brunswick, NJ, USA
Wireless spoofing attacks are easy to launch and can significantly impact the performance of networks. Although the identity of a node can be verified through cryptographic authentication, conventional security approaches are not always desirable because of their overhead requirements. In this paper, we propose to use spatial information, a physical property associated with each node, hard to falsify, and not reliant on cryptography, as the basis for 1) detecting spoofing attacks; 2) determining the number of attackers when multiple adversaries masquerading as the same node identity; and 3) localizing multiple adversaries. We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. We then formulate the problem of determining the number of attackers as a multiclass detection problem. Cluster-based mechanisms are developed to determine the number of attackers. When the training data are available, we explore using the Support Vector Machines (SVM) method to further improve the accuracy of determining the number of attackers. In addition, we developed an integrated detection and localization system that can localize the positions of multiple attackers. We evaluated our techniques through two testbeds using both an 802.11 (WiFi) network and an 802.15.4 (ZigBee) network in two real office buildings. Our experimental results show that our proposed methods can achieve over 90 percent Hit Rate and Precision when determining the number of attackers. Our localization results using a representative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries.
telecommunication security, cryptography, radio networks, support vector machines, 802.11 WiFi network, multiple spoofing attackers, wireless networks, wireless spoofing attacks, network performance, cryptographic authentication, conventional security, spatial information, physical property, node identity, spatial correlation, received signal strength, RSS, spoofing attacks, cluster based mechanisms, support vector machines, SVM, integrated detection, 802.15.4 ZigBee network, Wireless communication, IEEE 802.11 Standards, Cryptography, Testing, Correlation, Communication system security, Shadow mapping, localization, Wireless network security, spoofing attack, attack detection
Yingying Chen, J. Cheng, W. Trappe and Jie Yang, "Detection and Localization of Multiple Spoofing Attackers in Wireless Networks," in IEEE Transactions on Parallel & Distributed Systems, vol. 24, no. , pp. 44-58, 2013.