Anomaly detection of network-initiated LTE signaling traffic in wireless sensor and actuator networks based on a Hidden semi-Markov Model. Issue 65 (March 2017)
- Record Type:
- Journal Article
- Title:
- Anomaly detection of network-initiated LTE signaling traffic in wireless sensor and actuator networks based on a Hidden semi-Markov Model. Issue 65 (March 2017)
- Main Title:
- Anomaly detection of network-initiated LTE signaling traffic in wireless sensor and actuator networks based on a Hidden semi-Markov Model
- Authors:
- Bang, June-ho
Cho, Young-Jong
Kang, Kyungran - Abstract:
- Abstract: LTE signaling attack is a serious threat to a wireless sensor and actuator network whose facilities are dispersed and connected with LTE technology on a large scale, in order to conduct a particular mission. An LTE attacker generates a lot of signaling initiating packets, named wakeup packets, to saturate the LTE network's resources. Existing LTE signaling attack detection schemes are merely based on measuring the mean wakeup packet generation rate. Since resulting from extensive amounts of facilities involved in a normal management process, severe fluctuations of signaling traffic are ordinarily expected in the wireless sensor and actuator network, and those mean-based schemes cannot effectively distinguish between attacks and normal traffic. In this paper, we propose an advanced LTE signaling attack detection scheme based on a Hidden semi-Markov model, which captures the spatial–temporal characteristics of normal wakeup packet generation behavior. Our proposed detector takes the log-likelihood of a node's wakeup packet generation as the test criterion for normality. Through simulations with various parameter settings, we verified that the proposed scheme effectively distinguishes attacker nodes from normal nodes.
- Is Part Of:
- Computers & security. Issue 65(2017)
- Journal:
- Computers & security
- Issue:
- Issue 65(2017)
- Issue Display:
- Volume 65, Issue 65 (2017)
- Year:
- 2017
- Volume:
- 65
- Issue:
- 65
- Issue Sort Value:
- 2017-0065-0065-0000
- Page Start:
- 108
- Page End:
- 120
- Publication Date:
- 2017-03
- Subjects:
- Wireless sensor and actuator network -- LTE signaling attack -- Hidden semi-Markov Model -- Anomaly detection -- Intrusion detection system
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2016.11.008 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 2408.xml