OpenLIDS: A lightweight intrusion detection system for wireless mesh networks

Proceedings of the Annual International Conference on Mobile Computing and Networking, MOBICOM

Volumn , Issue , 2009, Pages 309-320

  Hugelshofer, Fabian ^a   Smith, Paul ^a   Hutchison, David ^a   Race, Nicholas J P ^a  

^a LANCASTER UNIVERSITY   (United Kingdom)

Author keywords

Intrusion detection; Performance; Resource constrained devices; Wireless mesh network

Indexed keywords

ANOMALY DETECTION; COST CONSTRAINTS; COST-EFFICIENT; DECENTRALISED; DEEP PACKET INSPECTION; EXPERIMENTAL STUDIES; HARDWARE RESOURCES; INTERNET ACCESS; INTRUSION DETECTION SYSTEMS; MALICIOUS TRAFFIC; MALWARES; MODIFIED SOFTWARE; NETWORK RESOURCE; PERFORMANCE; RESOURCE-CONSTRAINED; RESOURCECONSTRAINED DEVICES; ROUTE TRAFFIC; WIRELESS ACCESS POINTS;

AD HOC NETWORKS; COMPUTER CRIME; COMPUTER HARDWARE; COMPUTER SCIENCE; WIRELESS LOCAL AREA NETWORKS (WLAN); WIRELESS MESH NETWORKS (WMN); WIRELESS TELECOMMUNICATION SYSTEMS;

INTRUSION DETECTION;

EID: 70450252038     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1614320.1614355     Document Type: Conference Paper

References (40)

1. aMule. http://www.amule.org, August 2008.
2. P. Ayuso. Netfilter's connection tracking system. LOGIN;, The USENIX magazine, 32(3):34-39, 2006.
3. I. Charitakis, K. Anagnostakis, and E. Markatos. An Active Traffic Splitter Architecture for Intrusion Detection. In MASCOTS 2003, 11th IEEE/ACM International Symposium on Modeling, Analysis and Simulation of Computer Telecommunications Systems, pages 238-241, 2003.
4. T. Chen, G. Kuo, Z. Li, and G. Zhu. Intrusion Detection in Wireless Mesh Networks. Security in Wireless Mesh Networks, page 145, 2008.
5. Conficker Worm. http://www.symantec.com/security-response/writeup.jsp? docid=2008-123015-3826-99, December 2008.
6. A. Decker, D. Sancho, L. Kharouni, M. Goncharov, and R. McArdle. Pushdo/Cutwail Botnet. http://us.trendmicro.com/imperia/md/content/us/pdf/ threats/securitylibrary/study-of-pushdo.pdf, July 2009.
7. L. Deri. Improving Passive Packet Capture: Beyond Device Polling. Proceedings of SANE, 2004, 2004.
8. H. Dreger, A. Feldmann, V. Paxson, and R. Sommer. Operational Experiences with High-Volume Network Intrusion Detection. Proceedings of the 11th ACM conference on Computer and communications security, pages 2-11, 2004.
9. J. Ishmael, S. Bury, D. Pezaros, and N. Race. Deploying Rural Community Wireless Mesh Networks. IEEE Internet Computing, 12(4):22-29, 2008.
10. O. Kachirski and R. Guha. Effective Intrusion Detection Using Multiple Sensors in Wireless Ad Hoc Networks. In Proceedings of the 36th Annual Hawaii International Conference on System Sciences, 2003.
11. C. Kruegel, F. Valeur, G. Vigna, and R. Kemmerer. Stateful Intrusion Detection for High-Speed Networks. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 285-293, 2002.
12. W. Lee, J. Cabrera, A. Thomas, N. Balwalli, S. Saluja, and Y. Zhang. Performance Adaptation in Real-Time Intrusion Detection Systems. Lecture Notes in Computer Science, pages 252-273, 2002.
13. libpcap: Packet Capture Library. http://www.tcpdump.org, April 2008.
14. Madwifi. http://www.madwifi.org, May 2008.
15. S. McCanne and V. Jacobson. The BSD packet filter: A new architecture for user-level packet capture. Proc. Winter'93 USENIX Conference, 1993.
16. Y. Musashi, R. Matsuba, and K. Sugitani. Indirect Detection of Mass Mailing Worm-Infected PC terminals for Learners. Proc. ICETA2004, 2004.
17. Netfilter Project. http://www.netfilter.org, May 2008.
18. Open Wireless. http://www.openwireless.ch, April 2008.
19. OpenWRT. http://www.openwrt.org, April 2008.
20. V. Paxson. Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks, 31(23):2435-2463, 1999.
21. V. Paxson. Bro Intrusion Detection System Hands-On Workshop: Bro Overwiew. Technical report, Lawrence Berkeley National Laboratory, 2007.
22. Procps - The/proc file system utilities. http://procps.sourceforge.net, May 2008.
23. A. Ramachandran and N. Feamster. Understanding the Network-Level Behavior of Spammers. In Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications, volume 36, pages 291-302. ACM New York, NY, USA, 2006.
24. M. Roesch. Snort-Lightweight Intrusion Detection for Networks. Proceedings of the 1999 USENIX LISA Systems Administration Conference, 1999.
25. H. Schulzrinne, S. Casner, R. Frederick, and V. Jacobso. RFC 3350: RTP: A Transport Protocol for Real-Time Applications, 2003.
26. Seattle Wireless. http://www.seattlewireless.net, April 2008.
27. S. Shalunov. Thrulay - Network capacity tester. http://shlang.com/ thrulay/, August 2008.
28. S. Sinha, F. Jahanian, and J. Patel. Wind: Workload-aware intrusion detection. In Symposium on Recent Advances in Intrusion Detection (RAID'06), Hamburg, Germany, September 2006.
29. Smurf Attack. http://www.cert.org/advisories/CA-1998-01.html, February 2007.
30. D. Sterne, P. Balasubramanyam, D. Carman, B. Wilson, R. Talpade, C. Ko, R. Balupari, C. Tseng, T. Bowen, M. Res, et al. A General Cooperative Intrusion Detection Architecture for MANETs. In Third IEEE International Workshop on Information Assurance, pages 57-70, 2005.
31. J. Stewart. Storm Worm DDoS Attack. http://www.secureworks.com/research/ threats/storm-worm, February 2007.
32. B. Stone-Gross, C. Wilson, K. Almeroth, E. Belding, H. Zheng, and K. Papagiannaki. Malware in IEEE 802.11 Wireless Networks. In Proceedings of the Passive and Active Measurement Conference (PAM), 2008.
33. *NIX. http://tcpreplay.synfin.net, April 2008.
34. Transmission. http://www.transmissionbt.com, August 2008.
35. A. Wagner, T. Dübendorfer, R. Hiestand, C. Göldi, and B. Plattner. A Fast Worm Scan Detection Tool for VPN Congestion Avoidance. Lecture Notes in Computer Science, 4064:181, 2006.
36. C. Wong, S. Bielski, J. McCune, and C. Wang. A Study of Mass-mailing Worms. Proceedings of the 2004 ACM workshop on Rapid malcode, pages 1-10, 2004.
37. P. Wood. libpcap-mmap: Memory Mapped Packet Capture Library. http://public.lanl.gov/cpw/, April 2008.
38. Y. Xie, F. Yu, K. Achan, R. Panigrahy, G. Hulten, and I. Osipkov. Spamming Botnets: Signatures and Characteristics. 2008.
39. A. Yoshioka, S. Shaikot, and M. Kim. Rule Hashing for Efficient Packet Classification in Network Intrusion Detection. In Proceedings of 17th International Conference on Computer Communications and Networks. ICCCN 2008, pages 1-6, August 2008.
40. Y. Zhang and W. Lee. Intrusion Detection in Wireless Ad-Hoc Networks. Proceedings of the Sixth Annual International Conference on Mobile Computing and Networking (MobiCom'2000), 2000.