| With the development of network communication, wireless network has been an absolutely necessary part of daily life. As a burgeoning type of wireless technology, for its costeffective,widely-used, easy deployment, and high reliability, wireless mesh network(WMN) is widely used in area dealing with emergencies such as military context, emergency communication, rescue rebuild and so on.However, WMN is particularly vulnerable to attacks, since its feature multi-hop conmunication and open wireless communication channel. Traditional centralized systems fail because there is no strict network boundary, and distributed or cooperative systems challenge the limited resources of the nodes. For this, this paper present an active probingbased intrusion detection sulution for WMN.In this paper, on the basis of active probing and bayesian theory, first we make feature extraction for major attacks, modeling attacks pattern for atomic attack signatures and malicious attack behavior by bayesian network, and defined detection rules for each subatomic attack, establish detection knowledge base; next we propose iterative probe selection strategy based on information gain, quantify the classification ability to detect sub-attacks by information gain according to the actual situation of each network communications, select the most dipartite sub-probe rules to determine the node status; then we proposed node status determination strategy based on the belief of nodes, define the belief as a standard to determine nodes’ final status; finally we design an intrusion system based on active probing for WMN and give a prototype implementation. We test the prototype system with the real attacks, the result proves that our system is able to complete high accuracy of the detection to packets dropping intrusions, verify the ability and stability of the prototype system. |
PDF Full Text Request