An Analytic Framework for Modeling and Detecting Access Layer Misbehavior in Wireless Networks
Svetlana Radosavac, George Moustakides, John S. Baras, and Iordanis Koutsopoulos
ACM Transactions on Information and System Security, Article 19, Vol. 11, Issue 4, pp. 19.1 - 19.28, July 2008.
The widespread deployment of wireless networks and hot spots that employ the IEEE 802.11 technology has forced network designers to put emphasis on the importance of ensuring efficient and fair use of network resources. In this work we propose a novel framework for detection of intelligent adaptive adversaries in the IEEE 802.11 MAC by addressing the problem of detection of the worst-case scenario attacks. Utilizing the nature of this protocol we employ sequential detection methods for detecting greedy behavior and illustrate their performance for detection of least favorable attacks. By using robust statistics in our problem formulation, we attempt to utilize the precision given by parametric tests, while avoiding the specification of the adversarial distribution. This approach establishes the lowest performance bound of a given Intrusion Detection System (IDS) in terms of detection delay and is applicable in online detection systems where users who pay for their services want to obtain the information about the best and the worst case scenarios and performance bounds of the system. This framework is meaningful for studying misbehavior due to the fact that it does not focus on specific adversarial strategies and therefore is applicable to a wide class of adversarial strategies.