A Distributed and Collaborative Intrusion Detection Architecture for Wireless Mesh Networks

摘要

Wireless Mesh Network (WMN) is an emerging heterogeneous network architecture that is growing in importance among traditional wireless communication systems as a cost-effective way of providing Internet services. However, WMNs are particularly vulnerable to malicious nodes given their inherent attributes such as decentralized infrastructure and high dependence of node cooperation. We then propose a distributed and Collaborative Intrusion Detection System (CIDS) architecture for detecting insider attacks at real-time, which comprises:i) a Routing Protocol Analyzer (RPA) to analyze the collected routing traffic and generate respective Routing Events; ii) a Distributed Intrusion Detection Engine (DIDE) that treats the Routing Events by applying Routing Constraints and calculate related Misbehaving Metrics; iii) a Cooperative Consensus Mechanism (CCM) to check the Misbehaving Metrics using a proposed threshold scheme and to track down the source of intrusion. The entire CIDS solution is implemented in a virtualized mesh network platform. The experimental results show the proposed CIDS architecture efficiently detects message fabrication attacks with good precision and low resource consumption.