Due to the recent increased interest in wireless mesh networks(WMN), their security challenges have become of paramountimportance. An important security mechanismfor WMN, intrusion detection, has received considerable attentionfrom the research community. Recent results showthat traditional monitoring mechanisms are not applicableto real-worldWMNdue to their constrained resources (memoryand processing power), which result in high false negativerates since only few IDS functions can be activatedon monitoring nodes. Cooperative solutions, on the otherhand, have high communication overhead and detection delaywhen traffic is high. A practical traffic-aware IDS solutionwas recently proposed for resource-constrained WMN,however, traffic-awareness might not be feasible for someWMN applications. This paper proposes a traffic-agnosticIDS solution that uses a link-coverage approach to monitorboth local and backbone WMN traffic. Using real-world experimentsand extensive simulations we show our proposedIDS solutions outperform traffic-aware IDS solutions whilerequiring lower computation and communication overhead.
展开▼
