Fusing Multi-Layer Metrics for Detecting Security Attacks in 802.11 Networks.pdf (645.2 kB)
Download fileFusing multi-layer metrics for detecting security attacks in 802.11 networks
conference contribution
posted on 2011-05-06, 08:46 authored by Kostas KyriakopoulosKostas Kyriakopoulos, Francisco Aparicio-Navarro, David ParishComputer networks and more specifically wireless
communication networks are increasingly becoming susceptible
to more sophisticated and untraceable attacks. Most of the
current Intrusion Detection Systems either focus on just one layer
of observation or use a limited number of metrics without proper
data fusion techniques. However, the true status of a network,
is rarely accurately detectable by examining only one network
layer or metric. Ideally, a synergistic approach would require
knowledge from various layers to be fused and, collectively, an
ultimate decision to be taken. To this aim, the Dempster-Shafer
(D-S) approach is examined as a data fusion algorithm that
combines beliefs of multiple metrics across multiple layers.
This paper describes the methodology of using metrics from
multiple layers of wireless communication networks for detecting
wireless security breaches. The metrics are analysed and compared
to historical data and each gives a belief of whether an
attack takes place or not. The beliefs from different metrics are
fused with the D-S technique with the ultimate goal of limiting
false alarms by combining beliefs from various network layers.
The results show that cross-layer techniques and data fusion
perform more efficiently in a variety of situations compared to
conventional methods.
History
School
- Mechanical, Electrical and Manufacturing Engineering