A Formal Rule-Based Scheme for Digital Investigation in Wireless Ad-hoc Networks

Abstract

Existing investigation schemes are not suitable to cope with attacks in wireless networks, especially in MANet. We propose in this paper a formal approach for digital investigation of security attacks in wireless networks. We provide a model for describing attack scenarios in wireless environment, and system and network evidences generated consequently. We develop an inference system that integrates the two types of evidences, handles incompleteness and duplication of information in them, and allows to generate potential and provable actions and attack scenarios. To exemplify the proposal, we consider a case study dealing with a Denial of Service attack on a web server, where the attacker and the target represent mobile nodes.