Cross Layer Techniques for Intrusion Tolerant Networks

The proliferation of wireless networks over the past decade has made security a major concern for these networks and the applications that have to use them. Wireless networks have fundamental characteristics that make them significantly different from traditional wired networks, particularly with regard to security and reliability. Moreover there is an increasing trend for access to services residing on fixed (e.g. enterprise) networks via wireless access. Therefore the design of secure and reliable wireless networks presents a major challenge to the designers of next generation networks with general public wireless access. It is also expected that many future networks will have to live under the threat of attacks as a matter of course. Current research attempts to secure networks against all types of attack, at all times and generally irrespective of the cost to the performance of the network. This research proposal aims to investigate a new type of integrated, flexible, and intelligent security architecture for providing tolerance to intrusion attacks against next generation networks with wireless access. Thus our goal is not to prevent intrusions but to enable network architectures to withstand them. Central to the work will be the design of a distributed Intrusion tolerance system that is based on a cross layer detection and mitigation approach. As such, intrusion detection and mitigation will be integrated within the layered architecture of the network so that the network has an intelligent view of the overall level of threat(s) posed at any time throughout the network. This approach brings a number of significant advantages over existing intrusion detection systems (IDS) particularly when applied to wireless access networks that have to withstand some level of attacks over prolonged periods.