Home > Research > Publications & Outputs > OpenLIDS
View graph of relations

OpenLIDS: a lightweight intrusion detection system for wireless mesh networks

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

OpenLIDS: a lightweight intrusion detection system for wireless mesh networks. / Hugelshofer, Fabian; Smith, Paul; Hutchison, David et al.
Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009). New York: ACM, 2009. p. 309-320.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Hugelshofer, F, Smith, P, Hutchison, D & Race, NJP 2009, OpenLIDS: a lightweight intrusion detection system for wireless mesh networks. in Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009). ACM, New York, pp. 309-320, International Conference on Mobile Computing and Networking (MobiCom'2009), Beijing, China, 1/01/09. https://doi.org/10.1145/1614320.1614355

APA

Hugelshofer, F., Smith, P., Hutchison, D., & Race, N. J. P. (2009). OpenLIDS: a lightweight intrusion detection system for wireless mesh networks. In Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009) (pp. 309-320). ACM. https://doi.org/10.1145/1614320.1614355

Vancouver

Hugelshofer F, Smith P, Hutchison D, Race NJP. OpenLIDS: a lightweight intrusion detection system for wireless mesh networks. In Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009). New York: ACM. 2009. p. 309-320 doi: 10.1145/1614320.1614355

Author

Hugelshofer, Fabian ; Smith, Paul ; Hutchison, David et al. / OpenLIDS : a lightweight intrusion detection system for wireless mesh networks. Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009). New York : ACM, 2009. pp. 309-320

Bibtex

@inproceedings{231ca71080534dfe89b2088088737a1f,
title = "OpenLIDS: a lightweight intrusion detection system for wireless mesh networks",
abstract = "Wireless mesh networks are being used to provide Internet access in a cost efficient manner. Typically, consumer-level wireless access points with modified software are used to route traffic to potentially multiple back-haul points. Malware infected computers generate malicious traffic, which uses valuable network resources and puts other systems at risk. Intrusion detection systems can be used to detect such activity. Cost constraints and the decentralised nature of WMNs make performing intrusion detection on mesh devices desirable. However, these devices are typically resource constrained. This paper describes the results of examining their ability to perform intrusion detection. Our experimental study shows that commonly-used deep packet inspection approaches are unreliable on such hardware. We implement a set of lightweight anomaly detection mechanisms as part of an intrusion detection system, called OpenLIDS. We show that even with the limited hardware resources of a mesh device, it can detect current malware behaviour in an efficient way.",
keywords = "network resilience, intersection project, wray broadband project ",
author = "Fabian Hugelshofer and Paul Smith and David Hutchison and Race, {Nicholas J. P.}",
year = "2009",
doi = "10.1145/1614320.1614355",
language = "English",
isbn = "978-1-60558-702-8",
pages = "309--320",
booktitle = "Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009)",
publisher = "ACM",
note = "International Conference on Mobile Computing and Networking (MobiCom'2009) ; Conference date: 01-01-2009",

}

RIS

TY - GEN

T1 - OpenLIDS

T2 - International Conference on Mobile Computing and Networking (MobiCom'2009)

AU - Hugelshofer, Fabian

AU - Smith, Paul

AU - Hutchison, David

AU - Race, Nicholas J. P.

PY - 2009

Y1 - 2009

N2 - Wireless mesh networks are being used to provide Internet access in a cost efficient manner. Typically, consumer-level wireless access points with modified software are used to route traffic to potentially multiple back-haul points. Malware infected computers generate malicious traffic, which uses valuable network resources and puts other systems at risk. Intrusion detection systems can be used to detect such activity. Cost constraints and the decentralised nature of WMNs make performing intrusion detection on mesh devices desirable. However, these devices are typically resource constrained. This paper describes the results of examining their ability to perform intrusion detection. Our experimental study shows that commonly-used deep packet inspection approaches are unreliable on such hardware. We implement a set of lightweight anomaly detection mechanisms as part of an intrusion detection system, called OpenLIDS. We show that even with the limited hardware resources of a mesh device, it can detect current malware behaviour in an efficient way.

AB - Wireless mesh networks are being used to provide Internet access in a cost efficient manner. Typically, consumer-level wireless access points with modified software are used to route traffic to potentially multiple back-haul points. Malware infected computers generate malicious traffic, which uses valuable network resources and puts other systems at risk. Intrusion detection systems can be used to detect such activity. Cost constraints and the decentralised nature of WMNs make performing intrusion detection on mesh devices desirable. However, these devices are typically resource constrained. This paper describes the results of examining their ability to perform intrusion detection. Our experimental study shows that commonly-used deep packet inspection approaches are unreliable on such hardware. We implement a set of lightweight anomaly detection mechanisms as part of an intrusion detection system, called OpenLIDS. We show that even with the limited hardware resources of a mesh device, it can detect current malware behaviour in an efficient way.

KW - network resilience

KW - intersection project

KW - wray broadband project

UR - http://www.scopus.com/inward/record.url?scp=70450252038&partnerID=8YFLogxK

U2 - 10.1145/1614320.1614355

DO - 10.1145/1614320.1614355

M3 - Conference contribution/Paper

SN - 978-1-60558-702-8

SP - 309

EP - 320

BT - Proceedings of the 15th Annual International Conference on Mobile Computing and Networking (MobiCom 2009)

PB - ACM

CY - New York

Y2 - 1 January 2009

ER -