Intrusion Detection Techniques based on Cross Layer For Wireless Local Area Networks

Abstract

In this paper, we propose to design a cross-layer based intrusion detection technique for wireless networks. In this technique a combined weight value is computed from the Received Signal Strength (RSS) and Time Taken for RTS-CTS handshake between sender and receiver (TT). Since it is not possible for an attacker to assume the RSS exactly for a sender by a receiver, it is an useful measure for intrusion detection. We propose that we can develop a dynamic profile for the communicating nodes based on their RSS values through monitoring the RSS values periodically for a specific Mobile Station (MS) or a Base Station (BS) from a server. Monitoring observed TT values at the server provides a reliable passive detection mechanism for session hijacking attacks since it is an unspoofable parameter related to its measuring entity. If the weight value is greater than a threshold value, then the corresponding node is considered as an attacker. By suitably adjusting the threshold value and the weight constants, we can reduce the false positive rate, significantly. By simulation results, we show that our proposed technique attains low misdetection ratio and false positive rate while increasing the packet delivery ratio.