D. Sterne, G. Lawler, R. Gopaul, B. Rivera, K. Marcus, P. Kruus
{"title":"反制带内虫洞检测中的诬告与串通","authors":"D. Sterne, G. Lawler, R. Gopaul, B. Rivera, K. Marcus, P. Kruus","doi":"10.1109/ACSAC.2007.41","DOIUrl":null,"url":null,"abstract":"Cooperative intrusion detection techniques for MANETs utilize ordinary computing hosts as network intrusion sensors. If compromised, these hosts may inject bogus data into the intrusion detection system to hide their activities or falsely accuse well-behaved nodes. Approaches to Byzantine fault tolerance involving voting are potentially applicable, but must address the fact that only nodes in particular topological locations at particular times are qualified to vote on whether an attack occurred. We examine these issues in the context of a prototype distributed detector for self-contained, in-band wormholes in OLSR networks. We propose an opportunistic voting algorithm and present test results from a 48-node testbed in which colluding attackers generate corroborating false accusations against pairs of innocent nodes. The results indicate that opportunistic voting can instantaneously suppress false accusations when the network topology and routes chosen by OLSR provide a sufficient number of nearby honest observers to outvote the attackers.","PeriodicalId":199101,"journal":{"name":"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":"{\"title\":\"Countering False Accusations and Collusion in the Detection of In-Band Wormholes\",\"authors\":\"D. Sterne, G. Lawler, R. Gopaul, B. Rivera, K. Marcus, P. Kruus\",\"doi\":\"10.1109/ACSAC.2007.41\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cooperative intrusion detection techniques for MANETs utilize ordinary computing hosts as network intrusion sensors. If compromised, these hosts may inject bogus data into the intrusion detection system to hide their activities or falsely accuse well-behaved nodes. Approaches to Byzantine fault tolerance involving voting are potentially applicable, but must address the fact that only nodes in particular topological locations at particular times are qualified to vote on whether an attack occurred. We examine these issues in the context of a prototype distributed detector for self-contained, in-band wormholes in OLSR networks. We propose an opportunistic voting algorithm and present test results from a 48-node testbed in which colluding attackers generate corroborating false accusations against pairs of innocent nodes. The results indicate that opportunistic voting can instantaneously suppress false accusations when the network topology and routes chosen by OLSR provide a sufficient number of nearby honest observers to outvote the attackers.\",\"PeriodicalId\":199101,\"journal\":{\"name\":\"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-12-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"15\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ACSAC.2007.41\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ACSAC.2007.41","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Countering False Accusations and Collusion in the Detection of In-Band Wormholes
Cooperative intrusion detection techniques for MANETs utilize ordinary computing hosts as network intrusion sensors. If compromised, these hosts may inject bogus data into the intrusion detection system to hide their activities or falsely accuse well-behaved nodes. Approaches to Byzantine fault tolerance involving voting are potentially applicable, but must address the fact that only nodes in particular topological locations at particular times are qualified to vote on whether an attack occurred. We examine these issues in the context of a prototype distributed detector for self-contained, in-band wormholes in OLSR networks. We propose an opportunistic voting algorithm and present test results from a 48-node testbed in which colluding attackers generate corroborating false accusations against pairs of innocent nodes. The results indicate that opportunistic voting can instantaneously suppress false accusations when the network topology and routes chosen by OLSR provide a sufficient number of nearby honest observers to outvote the attackers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
