Intrusion detection in mobile and wireless networks using electronic profiling

Dr. Michel Barbeau
School of Computer Science
Carleton University



ABSTRACT

Theft of identity and intrusion are nowadays a plea in mobile and wireless networks. Identity theft detection and intrusion detection can be addressed in two different ways, either by misuse detection or anomaly detection. Misuse detection is conducted by recognizing instances of well known patterns of attacks. The main limitation of this approach is that the system fails to uncover new kinds of attacks unless it is instructed how to do so. Anomaly detection consists of observing and recognizing deviations from normal behavior. The main limitation is that it generates a higher rate of false positives than the misuse detection approach.

The limitations of anomaly detection can be pushed farther by combining observations across several domains and across time. Indeed, an intrusion unfolds in many aspects of a network. In this talk, we will explain node profiling exploiting the unique hardware signature of their wireless interface and unique signature of their pattern of mobility. We will discuss how observations of these types can be combined in space and time to detect intruders during live network operation.

This work is co-authored with Jeyanthi Hall and Prof. Evangelos Kranakis.

BIOGRAPHY

Michel Barbeau is a Professor in the School of Computer Science at Carleton University, since 2000. He has a Ph.D. degree in computer science from University of Montreal, 1991. He can be described best as a software expert with specific expertise in telecommunication protocols and mobile and wireless networks.