Projects: Cooperative Intrusion Detection for Resource Constrained Wireless Networks

The problem of cooperative intrusion detection in battery-powered wireless mesh and sensor networks is challenging, primarily because of the limited resources available to participating nodes. Although the problem has received some attention from the research community, little is known about the tradeoffs among different objectives, such as high network performance, low power consumption, low delay in information collection and high security effectiveness. This research proposes, cooperative intrusion detection functions that take into account multiple objectives simultaneously. We formulate the problem of identifying the type of intrusion detection function each node runs, as a multi-objective optimization problem, and propose solutions based on genetic algorithms. Simulations demonstrate that our solutions are scalable to large networks, and are characterized by a small variance in the normalized fitness value of individual/single objectives and by a small attack detection/reporting delay. In a real implementation/evaluation we demonstrate that cooperative intrusion detection system achieves a higher detection rate than state of art solutions.
We gratefully acknowledge the partial funding of this research by ONR.

Members

Papers

  • A. Hassanzadeh, R. Stoleru, "On the Optimality of Cooperative Intrusion Detection for Resource Constrained Wireless Networks," in IEEE Transactions on Dependable and Secure Computing (TDSC), submitted.
  • A. Hassanzadeh, R. Stoleru, "Towards Optimal Monitoring in Cooperative IDS for Resource Constrained Wireless Networks," in Proceedings of IEEE International Conference on Computer Communications and Networks (ICCCN), 2011.
  • A. Hassanzadeh, R. Stoleru, B. Shihada, "Energy Effcient Monitoring for Intrusion Detection in Battery-Powered Wireless Mesh Networks," in Proceedings of International Conference on Ad hoc Networks and Wireless (ADHOC NOW), 2011.

Source Code Releases

  • Mobile AdHoc Sensor Network, Acoustic and Ultrasonic ranging release 1.0 (TinyOS and Java code based on MCL, MSL, and EPFL SND)