MAC layer anomaly detection in ad hoc networks

Yu Lui, Yang Li, Hong Man

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

33 Scopus citations

Abstract

It is evident that traditional end-to-end intrusion detection mechanisms developed on wireless local area networks (WLANs) and wired networks are no longer sufficient for breach investigation in ad hoc networks. Most existing intrusion detection techniques for ad hoc networks are proposed on tke network layer. In general, these techniques have difficulty to localize attack source, and can not respond to attacks promptly. In this paper, we investigate the use of MAC layer traffic data to characterize normal behaviors in the neighborhood of a mobile node, and to detect misbehaving nodes through MAC layer anomalies. In particular, we evaluate and select a set of features from MAC layer to profile normal behaviors of mobile nodes, and then we apply cross-feature analysis on feature vectors constructed from training data according to the proposed feature set. We are able to reliably detect MAC layer anomalies, some of which may be in fact caused by misbehavior of network layer, since most routing attacks directly impact MAC layer operations. We validate our work through ns-2 simulations. Experimental results show the effectiveness of our method.

Original languageEnglish
Title of host publicationProceedings from the Sixth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Pages402-409
Number of pages8
DOIs
StatePublished - 2005
Event6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005 - West Point, NY, United States
Duration: 15 Jun 200517 Jun 2005

Publication series

NameProceedings from the 6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Volume2005

Conference

Conference6th Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC 2005
Country/TerritoryUnited States
CityWest Point, NY
Period15/06/0517/06/05

Keywords

  • Ad hoc network
  • Anomaly detection
  • Cross-feature analysis
  • MAC layer anomaly

Fingerprint

Dive into the research topics of 'MAC layer anomaly detection in ad hoc networks'. Together they form a unique fingerprint.

Cite this