Subscribe

Issue No.12 - December (2011 vol.10)

pp: 1681-1693

Jaehyuk Choi , Kyungwon University, Seongnam

Alexander W. Min , Intel Labs, Hillsboro

Kang G. Shin , The University of Michigan, Ann Arbor

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2010.262

ABSTRACT

Detecting misbehaving users in wireless networks is an important problem that has been drawing considerable attention. Even though there is a plethora of work on 802.11 wireless local area networks (WLANs), most existing schemes employ behavior-based anomaly detection, assuming that the backoff-time information of each transmitting node is available to the monitoring node. Unfortunately, it is practically infeasible to obtain the accurate backoff value chosen by other transmitting nodes because this MAC-layer information is not readily available. In this paper, we propose a practical way of pinpointing the misbehaving nodes without requiring access of hardware-level (e.g., backoff time) information in 802.11 WLANs. In contrast to most prior work, our scheme exploits the sequence of successfully received packets, which are readily observable at the access point. The distinct features of our scheme are that it 1) promptly detects a misbehaving node using a sequential hypothesis test, 2) performs well in realistic erroneous channel conditions due to its ability to accurately capture link heterogeneity, and 3) incurs negligible memory and computation overheads as it makes detection decisions based on runtime observations. The effectiveness of the proposed scheme is evaluated via extensive simulation as well as implementation, demonstrating its capability of accurately detecting nodess' selfish behavior in realistic 802.11 WLAN environments.

INDEX TERMS

Network monitoring, IEEE 802.11, WLANs, passive online detection, driver-level solution, greedy behavior.

CITATION

Jaehyuk Choi, Alexander W. Min, Kang G. Shin, "A Lightweight Passive Online Detection Method for Pinpointing Misbehavior in WLANs",

*IEEE Transactions on Mobile Computing*, vol.10, no. 12, pp. 1681-1693, December 2011, doi:10.1109/TMC.2010.262REFERENCES

- [1] USRP, http:/www.ettus.com, 2011.
- [2] GNU Software Radio Project, http://www.gnu.org/softwaregnuradio, 2011.
- [3] Multiband Atheros Driver for WiFi, http:/madwifi-project.org, 2011.
- [4] M. Neufeld, J. Fifield, C. Doerr, A. Sheth, and D. Grunwald, “SoftMAC—Flexible Wireless Research Platform,”
Proc. Fourth Workshop Hot Topics in Networks (HotNets-IV), Nov. 2005.- [5] J.H. Reed,
Software Radio: A Modern Approach to Radio Engineering. Prentice Hall, May 2002.- [6] P. Kyasanur and N.H. Vaidya, “Selfish MAC Layer Misbehavior in Wireless Networks,”
IEEE Trans. Mobile Computing, vol. 4, no. 5, pp. 502-516, Sept./Oct. 2005.- [7] S. Radosavac, J.S. Baras, and I. Koutsopoulos, “A Framework for MAC Protocol Misbehavior Detection in Wireless Networks,”
Proc. Fourth ACM Workshop Wireless Security (WiSe '05), Sept. 2005.- [8] M. Raya, I. Aad, J. Hubaux, and A.E. Fawal, “DOMINO: Detecting MAC Layer Greedy Behavior in IEEE 802.11 Hotspots,”
IEEE Trans. Mobile Computing, vol. 5, no. 12, pp. 1691-1705, Dec. 2006.- [9] A.L. Toledo and X. Wang, “Robust Detection of Selfish Misbehavior in Wireless Networks,”
IEEE J. Selected Areas in Comm., vol. 25, no. 6, pp. 1124-1134, Aug. 2007.- [10] A.B. MacKenzie and S.B. Wicker, “Selfish Users in Aloha: A Game-Theoretic Approach,”
Proc. IEEE 54th Vehicular Technology Conf. (VTC-Fall), Oct. 2001.- [11] M. Čagalj, S. Ganeriwal, I. Aad, and J. Hubaux, “On Selfish Behavior in CSMA/CA Networks,”
Proc. IEEE INFOCOM, Mar. 2005.- [12] Y. Rong, S. Lee, and H. Choi, “Detecting Stations Cheating on Backoff Rules in 802.11 Networks Using Sequential Analysis,”
Proc. IEEE INFOCOM, Apr. 2006.- [13] M.K. Han, B. Overstreet, and L. Qiu, “Greedy Receivers in IEEE 802.11 Hotspots,”
Proc. 37th Ann. IEEE/IFIP Int'l Conf. Dependable Systems and Networks (DSN '07), June 2007.- [14] L. Guang, C.M. Assi, and A. Benslimane, “Enhancing IEEE 802.11 Random Backoff in Selfish Environments,”
IEEE Trans. Vehicular Technology, vol. 57, no. 3, pp. 1806-1822, May 2008.- [15]
IEEE 802.11 WG, IEEE Std 802.11-2007 Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE Std 802.11-1999, IEEE, 2007.- [16] H. Poor,
An Introduction to Signal Detection and Estimation. Springer-Verlag, 1994.- [17] T. Salonidis, M. Garetto, A. Saha, and E. Knightly, “Identifying High Throughput Paths in 802.11 Mesh Networks: A Model-Based Approach,”
Proc. IEEE Int'l Conf. Network Protocols (ICNP '07), Oct. 2007.- [18] A. Wald, “Sequential Tests of Statistical Hypotheses,”
The Annals of Math. Statistics, vol. 16, pp. 117-186, June 1945.- [19] G. Bianchi, “Performance Analysis of the IEEE 802.11 Distributed Coordination Function,”
IEEE J. Selected Areas in Comm., vol. 18, no. 3, pp. 535-547, Mar. 2000.- [20] S.M. Sadoogi-Alvandi, A.R. Nematollahi, and R. Habibi, “On the Distribution of the Sum of Independent Uniform Random Variables,”
Statistical Papers, vol. 50, no. 1, pp. 171-175, Jan. 2009.- [21] A. Kumar, E. Altman, D. Miorandi, and M. Goyal, “New Insights from a Fixed-Point Analysis of Single Cell IEEE 802.11 WLANs,”
IEEE/ACM Trans. Network, vol. 15, no. 3, pp. 588-601, June 2007.- [22] K. Medepalli and F.A. Tobagi, “Towards Performance Modeling of IEEE 802.11 Based Wireless Networks: A Unified Framework and Its Applications,”
Proc. IEEE INFOCOM, Apr. 2006.- [23] M.M. Carvalho and J.J. Garcia-Luna-Aceves, “A Scalable Model for Channel Access Protocols in Multihop Ad Hoc Networks,”
Proc. ACM MobiCom, Sept. 2004.- [24] L. Qiu, Y. Zhang, F. Wang, M.K. Han, and R. Mahajan, “A General Model of Wireless Interference,”
Proc. ACM MobiCom, Sept. 2007.- [25] G. Bianchi and I. Tinnirello, “Kalman Filter Estimation of the Number of Competing Terminals in an IEEE 802.11 Network,”
Proc. IEEE INFOCOM, Mar./Apr. 2003.- [26] M.G. Kendall and A. Stuart,
The Advanced Theory of Statistics. Griffin, 1973.- [27] G. Casella and R.L. Berger,
Statistical Inference. Duxbury Thomson Learning, 2002.- [28] The Network Simulator ns-2 (v2.34), http://www.isi.edu/nsnamns, 2011.
- [29] Cisco Systems, “Cisco Tech Notes: Comparing Traffic Policing and Traffic Shaping for Bandwidth Limiting,” Document ID: 19645 Graphs Illustrate Differences in Typical Output, 2005.
- [30] A. Venkataraman, C.L. Corbett, and R.A. Beyah, “A Wired-Side Approach to MAC Misbehavior Detection,”
Proc. IEEE Int'l Conf. Comm. (ICC '10), May 2010. |