在manet中保护802.11 MAC:基于规范的入侵检测引擎

2012 9th Annual Conference on Wireless On-Demand Network Systems and Services (WONS) Pub Date : 2012-02-16 DOI:10.1109/WONS.2012.6152225

Christoforos Panos, Platon Kotzias, C. Xenakis, I. Stavrakakis

{"title":"在manet中保护802.11 MAC:基于规范的入侵检测引擎","authors":"Christoforos Panos, Platon Kotzias, C. Xenakis, I. Stavrakakis","doi":"10.1109/WONS.2012.6152225","DOIUrl":null,"url":null,"abstract":"Specification-based detection engines share the advantages of signature-based and anomaly-based detection, since they can detect unknown attacks, without the side effects of high rates of false positives. However, such solutions for MANETs have seen limited use. This paper introduces a specification-based detection engine that is built upon the functionality and limitations of the 802.11 MAC protocol, expanding the detection range of such engines in MANETs. The proposed detection engine is deployed at each node and performs detection using a set of specifications, which describe the correct operation of the MAC protocol operating at the host node. The proposed engine introduces a number of significant advantages since it can effectively detect both known and unknown attacks in real time and with minimum overhead. Moreover, it is resilient to the dynamic topologies that are common in MANETs and its deployment requires no protocol modifications.","PeriodicalId":309036,"journal":{"name":"2012 9th Annual Conference on Wireless On-Demand Network Systems and Services (WONS)","volume":"80 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Securing the 802.11 MAC in MANETs: A specification-based intrusion detection engine\",\"authors\":\"Christoforos Panos, Platon Kotzias, C. Xenakis, I. Stavrakakis\",\"doi\":\"10.1109/WONS.2012.6152225\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Specification-based detection engines share the advantages of signature-based and anomaly-based detection, since they can detect unknown attacks, without the side effects of high rates of false positives. However, such solutions for MANETs have seen limited use. This paper introduces a specification-based detection engine that is built upon the functionality and limitations of the 802.11 MAC protocol, expanding the detection range of such engines in MANETs. The proposed detection engine is deployed at each node and performs detection using a set of specifications, which describe the correct operation of the MAC protocol operating at the host node. The proposed engine introduces a number of significant advantages since it can effectively detect both known and unknown attacks in real time and with minimum overhead. Moreover, it is resilient to the dynamic topologies that are common in MANETs and its deployment requires no protocol modifications.\",\"PeriodicalId\":309036,\"journal\":{\"name\":\"2012 9th Annual Conference on Wireless On-Demand Network Systems and Services (WONS)\",\"volume\":\"80 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-02-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 9th Annual Conference on Wireless On-Demand Network Systems and Services (WONS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WONS.2012.6152225\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 9th Annual Conference on Wireless On-Demand Network Systems and Services (WONS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WONS.2012.6152225","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

基于规范的检测引擎共享基于签名和基于异常的检测的优点，因为它们可以检测未知攻击，而不会产生高误报率的副作用。然而，这种用于manet的解决方案使用有限。本文介绍了一种基于802.11 MAC协议的功能和局限性的基于规范的检测引擎，扩大了此类引擎在manet中的检测范围。建议的检测引擎部署在每个节点上，并使用一组规范执行检测，这些规范描述了在主机节点上运行的MAC协议的正确操作。所提出的引擎引入了许多显著的优点，因为它可以有效地实时检测已知和未知的攻击，并且开销最小。此外，它对manet中常见的动态拓扑具有弹性，并且其部署不需要修改协议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Securing the 802.11 MAC in MANETs: A specification-based intrusion detection engine

Specification-based detection engines share the advantages of signature-based and anomaly-based detection, since they can detect unknown attacks, without the side effects of high rates of false positives. However, such solutions for MANETs have seen limited use. This paper introduces a specification-based detection engine that is built upon the functionality and limitations of the 802.11 MAC protocol, expanding the detection range of such engines in MANETs. The proposed detection engine is deployed at each node and performs detection using a set of specifications, which describe the correct operation of the MAC protocol operating at the host node. The proposed engine introduces a number of significant advantages since it can effectively detect both known and unknown attacks in real time and with minimum overhead. Moreover, it is resilient to the dynamic topologies that are common in MANETs and its deployment requires no protocol modifications.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 9th Annual Conference on Wireless On-Demand Network Systems and Services (WONS)

自引率

0.00%

发文量