Cross Layer Techniques for Intrusion Tolerant Networks
Lead Research Organisation:
Loughborough University
Department Name: Electronic, Electrical & Systems Enginee
Abstract
Abstracts are not currently available in GtR for all funded research. This is normally because the abstract was not required at the time of proposal submission, but may be because it included sensitive information such as personal details.
People |
ORCID iD |
David Parish (Principal Investigator) |
Publications
Navarro F
(2013)
An automatic and self-adaptive multi-layer data fusion system for WiFi attack detection
in International Journal of Internet Technology and Secured Transactions
Kyriakopoulos K
(2011)
Fusing multi-layer metrics for detecting security attacks in 802.11 networks
Aparicio-Navarro, Francisco J
(2012)
A multi-layer data fusion system for wi-fi attack detection using automatic belief assignment
in WorldCIS
Aparicio-Navarro Francisco J.
(2014)
Using metrics from multiple layers to detect attacks in wireless networks
Aparicio-Navarro F
(2011)
An on-line wireless attack detection system using multi-layer data fusion
Description | The work is aimed at providing or improving network resilience against attack. The idea, as generally presented by others, is that attacks against a communication network are managed in such a way that some continued operation of the network continues, possibly in a reduced state of ability. Our approach to provide such resilience is to identify potential attacks and classify them with high accuracy and efficiency, and mitigate their effects by utilising cross and mixed layer techniques. This infers that an attack or dangerous situation may manifest itself at some, but not all, layers of a communication network and, once identified, the optimal response may be performed at other layers. The project has pursued an anomaly based approach to the identification of attacks. Cross-layer detection has been performed via a data fusion and current work is investigating how basic beliefs in attack can be assigned at low cost. The approach has been evaluated extensively on a WiFi (IEEE 802.11) network and demonstrated on a WiMAX (IEEE 802.16) testbed. Current work is investigating how the approach would work on LTE networks via simulation. The project has developed fully functional code for WiFi operation which identifies and blocks Man-in-the-Middle and Rogue Access Point attacks carried out by direct frame injection to PC based Windows or Linux machines. A data set representing live traffic traces for these attacks has also been collected. |
Exploitation Route | The approach and software will provide protection and resilience to users on wireless networks and, potentially, LTE networks. The approach could be incorporated into security products for user machines on wireless networks. The current implementation could be made available for use on such machines in a stand alone manner. The data set would be used by others researching Direct Frame Injection type attacks. |
Sectors | Digital/Communication/Information Technologies (including Software) Security and Diplomacy |
URL | http://www.lboro.ac.uk/departments/el/research/communications/networks/cross-layer.html#tab=abstract |
Description | 1. Via publications in conferences and journals. 2. Via presentations and demonstrations to industry. 3. As executable software to protect a WiFi node 4. Via a commercial licensing agreement 5. As examples in lecture material |
First Year Of Impact | 2011 |
Sector | Digital/Communication/Information Technologies (including Software),Education,Electronics,Security and Diplomacy |
Impact Types | Economic Policy & public services |
Title | WiFi attack dataset |
Description | A packet capture dataset from a WiFi network when subjected to different low attacks which are difficult to detect using traditional approaches |
Type Of Material | Database/Collection of data |
Year Produced | 2012 |
Provided To Others? | Yes |
Impact | Used to develop and verify a multi-layer fusion based attack detection algorithm. |
URL | http://homepages.lboro.ac.uk/~elkk/Site/Testbed_data.html |
Description | Rohde?hwarz |
Organisation | Rohde and Schwarz |
Country | Germany |
Sector | Private |
PI Contribution | To show how wireless net equipment can be used to help in identifying network attacks. |
Collaborator Contribution | Provision of advanced WiMAX emulation equipment for verification of algorithms on different network types. |
Impact | Performance of the detector in WiMAX networks |
Start Year | 2009 |
Title | Software for the detection of wireless network attacks using cross-layer data fusion |
Description | Software which fuses beliefs in attack developed from network frame data, |
IP Reference | |
Protection | Protection not required |
Year Protection Granted | 2012 |
Licensed | Yes |
Impact | Software license was sold commercially to third party company, |
Title | Automatic belief genaration for Dempster-Schaffer fusion. |
Description | Software to automatically generate Beliefs in Normal, Anomaly and Uncertainty for Dempster-Schaffer combinaion of predictors of netwark attack. |
Type Of Technology | Software |
Year Produced | 2012 |
Impact | Believed to be the only simple, adaptive approach. |
Description | Exchange visits with Universities in Naples |
Form Of Engagement Activity | Participation in an open day or visit at my research institution |
Part Of Official Scheme? | No |
Geographic Reach | International |
Primary Audience | Participants in your research and patient groups |
Results and Impact | Papers. Membership of Conference organisation committees Exchange of Ph.D students More positive industry interest in working with partnership |
Year(s) Of Engagement Activity | 2010,2012,2013,2014 |