利用有限状态机的无线网状网的入侵检测 |
| |
摘 要: |
|
收稿时间: | 2011-06-23; |
Intrusion Detection for Wireless Mesh Networks using Finite State Machine |
| |
Authors: | Yi Ping Wu Yue Liu Ning Wang Zhiyang |
| |
Affiliation: | School of Information Security Engineering, Shanghai Jiao Tong University, Shanghai 200240, P. R. China
Key Laboratory of Child Development and Learning Science of Ministry of Education, Southeast University,Nanjing 210096, China |
| |
Abstract: | Wireless Mesh Networks is vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point. The raditional way of protecting networks with firewalls and encryption software is no longer sufficient and effective for those features. In this paper, we propose a distributed intrusion detection approach based on timed automata. A cluster-based detection scheme is presented, where periodically a node is elected as the monitor node for a cluster. These monitor nodes can not only make local intrusion detection decisions, but also cooperatively take part in global intrusion detection. And then we construct the Finite State Machine (FSM) by the way of manually abstracting the correct behaviors of the node according to the routing protocol of Dynamic Source Routing (DSR). The monitor nodes can verify every node's behavior by the Finite State Machine (FSM), and validly detect real-time attacks without signatures of intrusion or trained data. Compared with the architecture where each node is its own IDS agent, our approach is much more efficient while maintaining the same level of effectiveness. Finally, we evaluate the intrusion detection method through simulation experiments. |
| |
Keywords: | wireless mesh networks security intrusion detection finite state machine |
|
| 点击此处可从《中国通信学报》浏览原始摘要信息 |
|
点击此处可从《中国通信学报》下载全文 |
|