Abstract
In communications, there has been a paradigm shift toward the widespread adoption of wireless technologies in recent years. This evolution toward wireless communication, often ad hoc, has led to significant benefits in terms of flexibility and mobility. However, alongside these benefits arise new attack vectors that cannot be mitigated by traditional security measures. Especially in scenarios where traditional, proactive cryptographic techniques cannot be deployed or have been compromised, reactive mechanisms are necessary to detect intrusions. In this paper, we discuss new directions and future challenges in detecting insider attacks for the exemplary application domain of industrial wireless networks, an enabling technology for current smart factory trends. First, we review existing work on intrusion detection in mobile ad-hoc networks with a focus on physical-layer-based detection mechanisms. Second, we conduct a proof-of-concept study of insider detection in industrial wireless networks using real-world measurements from an industrial facility. Based on the study, we point out new directions for future research.
Acknowledgments
We would like to express our gratitude toward Robert Bosch GmbH, Corporate Research in Hildesheim for providing the channel measurements, on which the evaluation is based.
The work was partly funded by the German Federal Ministry of Education and Research under BMBF grant agreement no. 16KIS0222.
Cite this article
Henningsen, S., Dietzel, S. & Scheuermann, B. Misbehavior Detection in Industrial Wireless Networks: Challenges and Directions. Mobile Netw Appl 23, 1330–1336 (2018). https://doi.org/10.1007/s11036-018-1040-0
DOI: https://doi.org/10.1007/s11036-018-1040-0