Intrusion detection in mobile and wireless networks using electronic profiling
Dr. Michel Barbeau
School of Computer Science
Carleton University
ABSTRACT
Theft of identity and intrusion are nowadays a plea in mobile and
wireless networks. Identity theft detection and intrusion detection can
be addressed in two different ways, either by misuse detection or
anomaly detection. Misuse detection is conducted by recognizing
instances of well known patterns of attacks. The main limitation of this
approach is that the system fails to uncover new kinds of attacks unless
it is instructed how to do so. Anomaly detection consists of observing
and recognizing deviations from normal behavior. The main limitation is
that it generates a higher rate of false positives than the misuse
detection approach.
The limitations of anomaly detection can be pushed farther by combining
observations across several domains and across time. Indeed, an
intrusion unfolds in many aspects of a network. In this talk, we will
explain node profiling exploiting the unique hardware signature of their
wireless interface and unique signature of their pattern of mobility. We
will discuss how observations of these types can be combined in space
and time to detect intruders during live network operation.
This work is co-authored with Jeyanthi Hall and Prof. Evangelos Kranakis.
BIOGRAPHY
Michel Barbeau is a Professor in the School of Computer Science at
Carleton University, since 2000. He has a Ph.D. degree in computer
science from University of Montreal, 1991. He can be described best as
a software expert with specific expertise in telecommunication protocols
and mobile and wireless networks.