Hassanzadeh, Amin (2014-05). Challenges and Solutions for Intrusion Detection in Wireless Mesh Networks. Doctoral Dissertation.

abstract

  • The problem of intrusion detection in wireless mesh networks (WMN) is challenging, primarily because of the lack of single vantage points where traffic can be analyzed and the limited resources available to participating nodes. Although the problem has received some attention from the research community, little is known about the tradeoffs among different objectives, such as high network performance, low energy consumption, and high security effectiveness. In this research, we show how accurate intrusion detection can be achieved in such resource-constrained environments. The major challenges that hinder the performance of intrusion detection systems (IDS) in WMN are resources (e.g., energy, processing, and storage capabilities) accompanied by the ad hoc, dynamic communication flows. In light of these challenges, we classify the proposed solutions into four classes: 1) Resourceless Traffic Aware (RL-TW) IDS, 2) Resourceless Traffic Agnostic (RL-TG) IDS, 3) Resourceful Traffic Agnostic (RF-TG) IDS, and 4) Resourceful Traffic Aware (RF-TW) IDS. To achieve a desirable level of intrusion detection in WMN, we propose a research program encompassing five thrusts. First, we show how traffic-awareness helps IDS solutions achieve high detection rates in resource-constrained WMN. Next, we propose two RL-TG (i.e., cooperative and non-cooperative) IDS solutions that can optimally monitor the entire WMN traffic without relying on WMN traffic information. The third (RF-TG) and fourth (RF-TW) IDS solutions propose energy-efficient monitoring mechanisms for intrusion detection in battery-powered WMN for traffic-agnostic and traffic-aware scenarios, respectively. We then investigate the Attack and Fault Tolerance of our proposed solutions and finally enumerate potential improvements and future works for our proposed solutions.