A Framework for MAC Protocol Misbehavior Detection in Wireless Networks
Conference : 4th ACM Workshop on Wireless Security pp. 33-42
Date: September 01 - September 01, 2005
The pervasiveness of wireless devices and the architectural organization of wireless networks in distributed communities, where no notion of trust can be assumed, are the main reasons for the growing interest in the issue of compliance to protocol rules. Reliable and timely detection of deviation from legitimate protocol operation is recognized as a prerequisite for ensuring efficient and fair use of network resources and minimizing performance losses. Nevertheless, the random nature of protocol operation together with the inherent difficulty of monitoring in the open and highly volatile wireless medium poses significant challenges. In this paper, we consider the fundamental problem of detection of node misbehavior at the MAC layer. Starting from a model where the behavior of a node is observable, we cast the problem within a minimax robust detection framework, with the objective to provide a detection rule of optimum performance for the worst-case attack. The performance is measured in terms of required number of observations in order to derive a decision. This framework is meaningful for studying misbehavior because it captures the presence of uncertainty of attacks and concentrates on the attacks that are most significant in terms of incurred performance losses. It also refers to the case of an intelligent attacker that can adapt its policy to avoid being detected. Although the basic model does not include interference, we show that our ideas can be extended to the case where observations are hindered by interference due to concurrent transmissions. We also present some hints for the problem of notifying the rest of the network about a misbehavior event. Our work provides interesting insights and performance bounds and serves as a prelude to a future study that would capture more composite instances of the problem.