[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs

  • Conference paper
Information Systems Security (ICISS 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5905))

Included in the following conference series:

Abstract

Mobile Ad-hoc Networks (MANETs) are very dynamic networks with devices continuously entering and leaving the group. The highly dynamic nature of MANETs renders the manual creation and update of policies associated with the initial incorporation of devices to the MANET (admission control) as well as with anomaly detection during communications among members (access control) a very difficult task. In this paper, we present BARTER, a mechanism that automatically creates and updates admission and access control policies for MANETs based on behavior profiles. BARTER is an adaptation for fully distributed environments of our previously introduced BB-NAC mechanism for NAC technologies. Rather than relying on a centralized NAC enforcer, MANET members initially exchange their behavior profiles and compute individual local definitions of normal network behavior. During admission or access control, each member issues an individual decision based on its definition of normalcy. Individual decisions are then aggregated via a threshold cryptographic infrastructure that requires an agreement among a fixed amount of MANET members to change the status of the network. We present experimental results using content and volumetric behavior profiles computed from the ENRON dataset. In particular, we show that the mechanism achieves true rejection rates of 95% with false rejection rates of 9%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bloom, B.H.: Space/Time tradeoffs in hash coding with allowable errors. Communications of the ACM 13(7) (1970)

    Google Scholar 

  2. ENRON Dataset (2004), www.cs.cmu.edu/~enron

  3. Frias-Martinez, V., Stolfo, S.J., Keromytis, A.D.: Behavior-Based Network Access Control: A Proof-of-Concept. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 175–190. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  4. Frias-Martinez, V., Stolfo, S.J., Keromytis, A.D.: Behavior-Profile Clustering for False Alert Reduction in Anomaly Detection Sensors. In: ACSAC (2008)

    Google Scholar 

  5. Frias-Martinez, V., et al.: A Network Access Control Mechanism Based on Behavior Profiles. In: ACSAC (2009)

    Google Scholar 

  6. Hastad, J., et al.: Funkspiel Schemes: An Alternative to Conventional Tamper Resistance. In: Proc. of the 7th ACM Conf. on Computer Commun. Security (2000)

    Google Scholar 

  7. Herzberg, A., et al.: Proactive Secret Sharing Or: How to Cope with the Perpetual Leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995)

    Google Scholar 

  8. Luo, H., Lu, S.: Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks, Technical Report, UCLA (2000)

    Google Scholar 

  9. Narasimha, M., et al.: On the utility of Distributed Cryptography in P2P and MANETs: the case of Membership Control. In: Proc. of the 11th ICNP (2003)

    Google Scholar 

  10. Ostrovsky, R., Yung, M.: How To Withstand Mobile Virus Attacks. In: Proc. of the 10th ACM Symp. on the Principles of Distributed Computing (1991)

    Google Scholar 

  11. Papadimitratos, P., Haas, Z.J.: Secure Data Transmission in Mobile Ad Hoc Networks. In: Proceedings of the ACM Workshop on Wireless Security, WiSe (2003)

    Google Scholar 

  12. Pedersen, T.P.: A Threshold Cryptosystem without a Trusted Party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547. Springer, Heidelberg (1991)

    Google Scholar 

  13. Shamir, A.: How to share a secret. Communications ACM 22(11) (1979)

    Google Scholar 

  14. Shaner, R.A.: US Patent No. 5,991,714 (November 1999)

    Google Scholar 

  15. Snort Rulesets, http://www.snort.org/pub-in/downloads.cgi

  16. Stolfo, S.J., et al.: Behavior-based Modeling and its Application to Email Analysis. ACM Transactions on Internet Technology (TOIT) 6(2) (2006)

    Google Scholar 

  17. VXHeavens, vx.netlux.org

  18. Zhang, Y., Lee, W., Huang, Y.: Intrusion Detection Techniques for Mobile Wireless Networks. Mobile Networks and Applications 9(5) (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Telefónica Research, Madrid, Spain

    Vanessa Frias-Martinez

  2. Computer Science Department, Columbia University, New York, USA

    Salvatore J. Stolfo & Angelos D. Keromytis

Authors
  1. Vanessa Frias-Martinez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Salvatore J. Stolfo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Angelos D. Keromytis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Electrical Engineering and Computer Science Department, University of Michigan, 48109, Ann Arbor, MI, USA

    Atul Prakash

  2. Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, Kharagpur, India

    Indranil Sen Gupta

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Frias-Martinez, V., Stolfo, S.J., Keromytis, A.D. (2009). BARTER: Behavior Profile Exchange for Behavior-Based Admission and Access Control in MANETs. In: Prakash, A., Sen Gupta, I. (eds) Information Systems Security. ICISS 2009. Lecture Notes in Computer Science, vol 5905. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10772-6_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10772-6_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10771-9

  • Online ISBN: 978-3-642-10772-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation