Research Direction Introduction Advisor: Professor Frank Y.S. Lin Present by Hubert J.W. Wang.

Slides:



Advertisements
Similar presentations
Capacity of wireless ad-hoc networks By Kumar Manvendra October 31,2002.
Advertisements

A Centralized Scheduling Algorithm based on Multi-path Routing in WiMax Mesh Network Yang Cao, Zhimin Liu and Yi Yang International Conference on Wireless.
Min Song 1, Yanxiao Zhao 1, Jun Wang 1, E. K. Park 2 1 Old Dominion University, USA 2 University of Missouri at Kansas City, USA IEEE ICC 2009 A High Throughput.
21-23 November, 2012, 5th IDCS, Wu Yi Shan, China Smartening the Environment using Wireless Sensor Networks in a Developing Country Presented By Al-Sakib.
Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.
CSE 6590 Department of Computer Science & Engineering York University 1 Introduction to Wireless Ad-hoc Networking 5/4/2015 2:17 PM.
David Ripplinger, Aradhana Narula-Tam, Katherine Szeto AIAA 2013 August 21, 2013 Scheduling vs Random Access in Frequency Hopped Airborne.
Delay and Throughput in Random Access Wireless Mesh Networks Nabhendra Bisnik, Alhussein Abouzeid ECSE Department Rensselaer Polytechnic Institute (RPI)
Source-Location Privacy Protection in Wireless Sensor Network Presented by: Yufei Xu Xin Wu Da Teng.
Defending Against Traffic Analysis Attacks in Wireless Sensor Networks Security Team
Research Direction Introduction Advisor : Frank, Y.S. Lin Presented by Yu Pu Wu.
Wireless Mesh Networks 1. Architecture 2 Wireless Mesh Network A wireless mesh network (WMN) is a multi-hop wireless network that consists of mesh clients.
Arsitektur Jaringan Terkini
An Effective Placement of Detection Systems for Distributed Attack Detection in Large Scale Networks Telecommunication and Security LAB. Dept. of Industrial.
Yanyan Yang, Yunhuai Liu, and Lionel M. Ni Department of Computer Science and Engineering, Hong Kong University of Science and Technology IEEE MASS 2009.
NTU IM OPLAB Providing survivability against jamming attack for multi-radio multi-channel wireless mesh networks Journal of Network and Computer Applications.
Switching Techniques Student: Blidaru Catalina Elena.
COGNITIVE RADIO FOR NEXT-GENERATION WIRELESS NETWORKS: AN APPROACH TO OPPORTUNISTIC CHANNEL SELECTION IN IEEE BASED WIRELESS MESH Dusit Niyato,
Capacity of Wireless Mesh Networks: Comparing Single- Radio, Dual-Radio, and Multi- Radio Networks By: Alan Applegate.
Unwanted Link Layer Traffic in Large IEEE Wireless Network By Naga V K Akkineni.
Secure Cell Relay Routing Protocol for Sensor Networks Xiaojiang Du, Fengiing Lin Department of Computer Science North Dakota State University 24th IEEE.
Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,
Multicast Algorithms for Multi- Channel Wireless Mesh Networks Guokai Zeng, Bo Wang, Yong Ding, Li Xiao, Matt Mutka Department of Computer Science and.
Improving Capacity and Flexibility of Wireless Mesh Networks by Interface Switching Yunxia Feng, Minglu Li and Min-You Wu Presented by: Yunxia Feng Dept.
Communication Networks Fourth Meeting. Types of Networks  What is a circuit network?  Two people are connected and allocated them their own physical.
Wireless Mesh Network 指導教授:吳和庭教授、柯開維教授 報告:江昀庭 Source reference: Akyildiz, I.F. and Xudong Wang “A survey on wireless mesh networks” IEEE Communications.
Switching breaks up large collision domains into smaller ones Collision domain is a network segment with two or more devices sharing the same Introduction.
Maximization of Network Survivability against Intelligent and Malicious Attacks (Cont’d) Presented by Erion Lin.
Maximum Network Lifetime in Wireless Sensor Networks with Adjustable Sensing Ranges Cardei, M.; Jie Wu; Mingming Lu; Pervaiz, M.O.; Wireless And Mobile.
Who Is Peeping at Your Passwords at Starbucks? To Catch an Evil Twin Access Point DSN 2010 Yimin Song, Texas A&M University Chao Yang, Texas A&M University.
Protection vs. false targets in series systems Reliability Engineering and System Safety(2009) Kjell Hausken, Gregory Levitin Advisor: Frank,Yeong-Sung.
A Novel Multicast Routing Protocol for Mobile Ad Hoc Networks Zeyad M. Alfawaer, GuiWei Hua, and Noraziah Ahmed American Journal of Applied Sciences 4:
REECH ME: Regional Energy Efficient Cluster Heads based on Maximum Energy Routing Protocol Prepared by: Arslan Haider. 1.
Secure and Energy-Efficient Disjoint Multi-Path Routing for WSNs Presented by Zhongming Zheng.
S Master’s thesis seminar 8th August 2006 QUALITY OF SERVICE AWARE ROUTING PROTOCOLS IN MOBILE AD HOC NETWORKS Thesis Author: Shan Gong Supervisor:Sven-Gustav.
DDoS Attack and Defense 郭承賓 (Allen C.B. Kuo). Autonomous System Entry node.
Optimal Resource Allocation for Protecting System Availability against Random Cyber Attack International Conference Computer Research and Development(ICCRD),
Mitigation strategies on scale-free networks against cascading failures Jianwei Wang Adviser: Frank,Yeong-Sung Lin Present by Chris Chang.
Redundancy and Defense Resource Allocation Algorithms to Assure Service Continuity against Natural Disasters and Intelligent Attackers Advisor: Professor.
1 Utilizing Shared Vehicle Trajectories for Data Forwarding in Vehicular Networks IEEE INFOCOM MINI-CONFERENCE Fulong Xu, Shuo Gu, Jaehoon Jeong, Yu Gu,
Rate-Based Channel Assignment Algorithm for Multi-Channel Multi- Rate Wireless Mesh Networks Sok-Hyong Kim and Young-Joo Suh Department of Computer Science.
CS3502: Data and Computer Networks Local Area Networks - 1 introduction and early broadcast protocols.
Performance of Adaptive Beam Nulling in Multihop Ad Hoc Networks Under Jamming Suman Bhunia, Vahid Behzadan, Paulo Alexandre Regis, Shamik Sengupta.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 16 Connecting LANs, Backbone Networks, and Virtual LANs.
Research Direction Introduction Advisor: Professor Frank Y.S. Lin Present by Hubert J.W. Wang.
1 An Arc-Path Model for OSPF Weight Setting Problem Dr.Jeffery Kennington Anusha Madhavan.
CS3502: Data and Computer Networks Local Area Networks - 1 introduction and early broadcast protocols.
Energy-Efficient Randomized Switching for Maximizing Lifetime in Tree- Based Wireless Sensor Networks Sk Kajal Arefin Imon, Adnan Khan, Mario Di Francesco,
Video Streaming Transmission Over Multi-channel Multi-path Wireless Mesh Networks Speaker : 吳靖緯 MA0G WiCOM '08. 4th International.
1 11 Distributed Channel Assignment in Multi-Radio Mesh Networks Bong-Jun Ko, Vishal Misra, Jitendra Padhye and Dan Rubenstein Columbia University.
E FFECTIVE N ETWORK P LANNING AND D EFENDING S TRATEGIES TO M INIMIZE S ERVICE C OMPROMISED P ROBABILITY UNDER M ALICIOUS C OLLABORATIVE A TTACKS Advisor:
A Bandwidth Scheduling Algorithm Based on Minimum Interference Traffic in Mesh Mode Xu-Yajing, Li-ZhiTao, Zhong-XiuFang and Xu-HuiMin International Conference.
1 On Detection and Concealment of Critical Roles in Tactical Wireless Networks Zhuo Lu University of Memphis Cliff Wang Army Research Office Mingkui Wei.
Research Direction Introduction
Research Direction Introduction Advisor : Frank, Y.S. Lin Presented by Yu Pu Wu.
Research Direction Introduction Advisor: Frank, Yeong-Sung Lin Presented by Hui-Yu, Chung 2011/11/22.
Presented by Yu-Shun Wang Advisor: Frank, Yeong-Sung Lin Near Optimal Defense Strategies to Minimize Attackers’ Success Probabilities for networks of Honeypots.
Advisor: Yeong-Sung Lin Presented by I-Ju Shih 2011/11/29 1 Research Direction Introduction.
1 Wireless Networks Lecture 31 Wireless Mesh Networks Dr. Ghalib A. Shah.
Switching Techniques In large networks there might be multiple paths linking sender and receiver. Information may be switched as it travels through various.
Net 435: Wireless sensor network (WSN)
Research Progress Report
Optimization of Wireless Station Time Slot Allocation with Consideration of Throughput and Delay Constraints 指導教授:林永松 博士 研究生:林岦毅.
Presented by Hermes Y.H. Liu
Qingwen Liu, Student Member, IEEE Xin Wang, Member, IEEE,
Research Progress Report
Advisor: Frank Yeong-Sung Lin, Ph.D. Presented by Yu-Jen Hsieh 謝友仁
Presented by Yu-Shun Wang
Advisor: Yeong-Sung, Lin, Ph.D. Presented by Yu-Ren, Hsieh
Advisor: Frank,Yeong-Sung Lin Presented by Jia-Ling Pan
Presentation transcript:

Research Direction Introduction Advisor: Professor Frank Y.S. Lin Present by Hubert J.W. Wang

Outline Problem Description Mathematical Formulation 2010/12/16 2 NTU OPLab

Problem Description

Problem ▫ Topology information gathering ▫ Jamming attack Environment ▫ Infrastructure/Backbone WMNs Role ▫ Attacker ▫ Defender(Service provider) 2010/12/16 4 NTU OPLab

Defender Attributes ▫ Nodes  Base Station  Mesh router(with 2 NICs)  Mesh client  Honeynode(with 3 NICs)  Locator  Static  Mobile 2010/12/16 5 NTU OPLab

Defender(cont’) Attributes ▫ Budget  Planning phase  Topology planning  Non-deception based ▫ General defense resource ▫ Detection resource ▫ Localization resource  Deception based  Defending phase  Jamming mitigation  Localization ▫ Approximate ▫ Precise 2010/12/16 6 NTU OPLab

Defender(cont’) Strategies ▫ Planning phase  Deterrence  Deception ▫ Goal  Protect BS  Protect Nodes with high population  Protect with high traffic  Protect valuable information(ex. routing table, traffic) 2010/12/16 7 NTU OPLab

Defender(cont’) Strategies ▫ Defending phase  Population re-allocation  Average population  Average traffic  Priority of jammer removing  Importance oriented  Difficulty oriented 2010/12/16 8 NTU OPLab

Attacker Attributes ▫ Budget  Preparing phase  Node compromising  Jammer choosing ▫ High quality jammers ▫ Normal jammers ▫ Capability  Capability of compromising nodes  Capability of recognizing fake info. 2010/12/16 9 NTU OPLab

Attacker(cont’) Strategies ▫ Preparing phase  Node compromising  Be aggressive  Least resistance  Be stealthy  Easiest to find  Topology extending  Random 2010/12/16 10 NTU OPLab

Attacker(cont’) Strategies ▫ Preparing phase(cont’)  Jammer selection  Maximize attack effectiveness  Maximize jammed range 2010/12/16 11 NTU OPLab

Attacker(cont’) Strategies ▫ Attacking phase  Maximize jammed users  Maximize affected traffic 2010/12/16 12 NTU OPLab

Scenario 2010/12/16 13 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource

Scenario(cont’) For attacker ▫ Objective:  Service disruption ▫ Incomplete information of the network ▫ Budget limited For defender ▫ Objective:  Maintain the quality of service ▫ Budget limited 2010/12/16 14 NTU OPLab

Scenario – Network Architecture 2010/12/16 15 NTU OPLab Base Station Mesh router

I must protect Core Nodes Scenario – Defender’s Planning Phase 2010/12/16 16 NTU OPLab BS Node with high population Base Station Mesh router

Scenario – Defender’s Planning Phase(cont’) 2010/12/16 17 NTU OPLab Base Station Mesh router Honeynode Attacker Nodes with more defense resource I must protect Core Nodes A B C D E F G Why didn’t the defender protect all the nodes with high population? 1.Budget limited. 2.The effectiveness of doing so may not be the best. 3.There are other ways to deploy resources.

Scenario – Defender’s Planning Phase(cont’) 2010/12/16 18 NTU OPLab Base Station Mesh router Honeynode Attacker Nodes with more defense resource I must protect Core Nodes Effect of the defense resource may be: 1.Reduce the probability of being compromised

Scenario – Defender’s Planning Phase(cont’) 2010/12/16 19 NTU OPLab Base Station Mesh router Honeynode Attacker Nodes with more defense resource I must protect Core Nodes Effect of the defense resource may be: 2.Prevent the attacker from getting closer to the important nodes.

Scenario – Defender’s Planning Phase(cont’) 2010/12/16 20 NTU OPLab Base Station Mesh router Honeynode Attacker Nodes with more defense resource I must protect Core Nodes Effect of the defense resource may be: 3.Attract attacks to prevent it from getting close to the important nodes.

Scenario – Defender’s Planning Phase(cont’) 2010/12/16 21 NTU OPLab Base Station Mesh router Honeynode Attacker Nodes with more defense resource I must protect Core Nodes A B C D E F G Effect of the defense resource may be: 4.Avoid attacks to prevent it from getting close to the important nodes.

Scenario – Attacker’s Preparing Phase 2010/12/16 22 NTU OPLab Signal Strength Initially, the attacker has following info: 1.Number of channels. 2.Signal power of each channel. 3.Traffic amount of each channel. 4.Defense strength of each mesh node A B C D E F G

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 23 NTU OPLab Signal Strength The honeynode: If the real channel is compromised, the attacker will be able to identify this target in attacking phase A B C D E F G

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 24 NTU OPLab Signal Strength The attacker’s strategies: Maximize attack effectiveness. Maximize jammed users The initial node will be.. The node with the strongest signal power 90 A B C 20 D E F G

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 25 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Attacker Nodes with more defense resource A B C D E F G H I J K L

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 26 NTU OPLab Signal Strength After compromise a mesh router, the attacker has following info: 1.Number of channels. 2.Signal power of each channel. 3.Traffic amount of each channel. 4.Defense strength of each mesh node. And… G L B I D E A H K F J Being compromised, and obtained: 1.routing table info 2.Location info of the mesh router. 3.Traffic info 4.Number of users

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 27 NTU OPLab Signal Strength After compromise a mesh router, the attacker has following info: 1.Number of channels. 2.Signal power of each channel. 3.Traffic amount of each channel. 4.Defense strength of each mesh node. 5.Number of traffic sources Number of users G L B I D E A H K F J

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 28 NTU OPLab Signal Strength The attacker selects next hop with obtained info from compromised mesh routers if available. The node with the highest number of traffic sources 20 6 G L B I 20 D 28 E A H K F J 90 88

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 29 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Attacker Nodes with more defense resource The action of compromising a honeynode will has following results: 1.Succeed Aware of the fact that it’s a honeynode. Not aware of 2.Failed A B C D E F G HI J K L M N

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 30 NTU OPLab Signal Strength The attacker selects next hop with obtained info from compromised mesh routers if available B A 20 6 G C E D 27 K L M N

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 31 NTU OPLab Signal Strength B A 20 6 G 28 E K L M N However, the node which was compromised by attacker was a honeynode. Thus, it obtained following fake info: 1.Population 2.Traffic of the neighbors The defender will lead the attacker to: 1.Unimportant area 2.Nodes with greater defense strength C D

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 32 NTU OPLab Signal Strength B A 20 6 G 28 E K L M N Relatively low traffic sources on important nodes. High traffic sources on unimportant nodes C D Select node C as next hop

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 33 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Attacker Nodes with more defense resource A B C D E F G HI J K L M N Failed to compromise

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 34 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Attacker Nodes with more defense resource Compromised 2 nd choice node D A B C D E F G HI J K L M N O PQ R

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 35 NTU OPLab Signal Strength B A 20 6 G 28 E O R Q C 20 8 D P Select node N as next hop. But what will the attacker do if he compromised a honeynode? When the attacker compromised a honeynode, he may obtain: 1.Only fake info 2.Mixture of fake and true info. What should I do ? Just ignore it? Or attack the node they try to protect? Attackers with high capacity have greater probability to distinguish between true and fake.

Scenario – Attacker’s Preparing Phase – Attack Detection 2010/12/16 36 NTU OPLab Signal Strength B A 20 6 G 28 E O R Q C 20 8 D P Being attacked? What should I do to protect QoS? Capable of attack detection

Scenario – Attacker’s Preparing Phase – Attack Detection(cont’) 2010/12/16 37 NTU OPLab Signal Strength B A 20 6 G 28 E O R Q C 20 8 D P Re-allocate the population on its neighbors. Capable of attack detection

Scenario – Attacker’s Preparing Phase – Attack Detection(cont’) 2010/12/16 38 NTU OPLab Signal Strength 90 2 B 5 A 20 6 G E 8 O 4 R 90 3 Q 15 C 20 8 D P Capable of attack detection Real population on D’s neighbor Re-allocation strategy might be:

Scenario – Attacker’s Preparing Phase – Attack Detection(cont’) 2010/12/16 39 NTU OPLab Signal Strength B 90 9 A 20 9 G 9 E 9 O 10 R Q 90 9 C 20 9 D 90 9 P Capable of attack detection Real population on D’s neighbor Re-allocation strategy: Average Population Average the QoS impact caused by jamming

2010/12/16NTU OPLab 40 Scenario – Attacker’s Preparing Phase – Attack Detection(cont’)

2010/12/16NTU OPLab 41 Scenario – Attacker’s Preparing Phase – Attack Detection(cont’)

2010/12/16 42 NTU OPLab Signal Strength 90 2 B 5 A 20 6 G E 8 O 4 R 90 3 Q 15 C 20 8 D P Capable of attack detection Real population on D’s neighbor Re-allocation strategy: Average Traffic Minimize the QoS impact caused by jamming

Scenario – Attacker’s Preparing Phase(cont’) 2010/12/16 43 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Attacker Nodes with more defense resource A B C D E F G HI J K L M N O PQ R S TU V W X

Scenario – Attacker’s Attacking Phase 2010/12/16 44 NTU OPLab A B C D E F G HI J K L M N O PQ R S TU V W X Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Jammed honeynode B Jammed node V with high population Jammed node P(not fake channel) Jammed normal node F Jammed honeynode U

Scenario – Attacker’s Attacking Phase(cont’) 2010/12/16 45 NTU OPLab A B C D E F G HI J K L M N O PQ R S TU V W X Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Range overlapped, the fake channel jammed. Although they seems overlapped, but the jammers attacked two different channel

Scenario – Defender’s Defending Phase 2010/12/16 46 NTU OPLab A B C D E F G HI J K L M N O PQ R S TU V W X Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource To minimize the total effectiveness of jamming, the defender will tend to remove these nodes first: 1.High population 2.Not fake channel Their sequence will be… 1)Jammed node V with high population 2)Jammed normal node F 3)Jammed node P(not fake channel) 5)Jammed honeynode U 4)Jammed honeynode B

Scenario – Defender’s Defending Phase - Channel Surfing 2010/12/16 47 NTU OPLab A B C D E F G HI J K L M N O PQ R S TU V W X Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource The function of channel surfing function: 1.Mitigate the impact of jamming Time Effectiveness Range overlapped. If the mesh router switch to other channel: 1.Jammed time shotened. 2.Jammers are not able to know which channel is the origin channel unless it’s compromised.

Scenario – Defender’s Defending Phase - Localization 2010/12/16 48 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Two types of locator: 1.Static 2.Mobile

Scenario – Defender’s Defending Phase - Localization 2010/12/16 49 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Static locator: 1.Mesh routers

Scenario – Defender’s Defending Phase - Localization 2010/12/16 50 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Static locator: 2.Reference points Deployed in the topology with the given density The density is defined as locater per length unit. In this case, the unit is 10 meter

Scenario – Defender’s Defending Phase - Localization 2010/12/16 51 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Mobile locator Capable of precise localization function Jammer which is not able to be approximately localized

Scenario – Defender’s Defending Phase - Localization 2010/12/16 52 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Mobile locator Reference point 1 Reference point 2

Scenario – Defender’s Defending Phase - Localization 2010/12/16 53 NTU OPLab Base Station Mesh router Honeynode Compromised mesh router Jammed mesh router Jammer Attacker Nodes with more defense resource Mobile locator Reference point 1 (useless) Reference point 2Multiple jammers Reference point 3 Reference point 4 One of the jammers removed

Mathematical Formulation

Assumptions 1.The communications between mesh routers and between mesh routers and mesh clients use different communication protocol. 2.All the packets are encrypted. Thus, the attacker can’t directly obtain information in the communication channels. 3.The defender has complete information of the network which is attacked by a single attacker with different strategies. 4.The attacker is not aware of the topology of the network. Namely, it doesn’t know that there are honeynodes in the network and which nodes are important, i.e., the attacker only has incomplete information of the network. 2010/12/16 55 NTU OPLab

Assumptions(cont’) 5.There are two kinds of defense resources, the non-deception based resources and the deception based resources. 6.There are multiple jammers in the network, and their jamming ranges might be overlapped. 7.There is only constructive interference between jamming signals. 2010/12/16 56 NTU OPLab

Given parameters 2010/12/16NTU OPLab 57 NotationDescription NThe index set of all nodes HThe index set of all honeynodes PThe index set of the nodes with channel surfing technique QThe index set of the nodes with precise localization technique RThe index set of the nodes with detection technique

Given parameters 2010/12/16NTU OPLab 58 NotationDescription BThe defender’s total budget Z All possible attack configuration, including attacker’s attributes and corresponding strategies. E All possible defense configuration, including defense resources allocation and defending strategies FTotal attacking times of all attackers An attack configuration, including the attributes and corresponding strategies, where 1≤ i ≤ F 1 if the attacker can achieve his goal successfully, and 0 otherwise, where 1≤ i ≤ F

Given parameters 2010/12/16NTU OPLab 59 NotationDescription m(ρi)m(ρi) The cost of constructing a node with the quality with quality ρ i, where i ∈ N nini The non-deception based defense resources allocated to node i, where i ∈ N h(εi)h(εi) The cost of constructing a honeynode with the interactive capability ε i, where i ∈ H a(φ)a(φ) The cost of constructing static locators with the density φ b The cost of constructing a channel surfing function to one node c The cost of constructing a precise localization technique to one node d The cost of constructing a detection technique to one node t(ρi)t(ρi) The maximum traffic of node i with quality ρ i, where i ∈ N

Decision variables 2010/12/16NTU OPLab 60 NotationDescription The information regarding resources allocating and defending wiwi 1 if node i is equipped with honeynode function, and 0 otherwise, where i ∈ N xixi 1 if node i is equipped with channel surfing function, and 0 otherwise, where i ∈ N yiyi 1 if node i is implemented with precise localization technique, and 0 otherwise, where i ∈ N zizi 1 if node i is implemented with the detection technique, and 0 otherwise, where i ∈ N εiεi The interactive capability of honeypot i, where i ∈ N ρiρi The quality of node i, where i ∈ N φThe density of static locator

Objective function 2010/12/16NTU OPLab 61 (IP 1)

Constraints Defender’s budget constraints 2010/12/16NTU OPLab 62 (IP 1.1) (IP 1.2)

Constraints Defender’s budget constraints 2010/12/16NTU OPLab 63 (IP 1.3)

Constraints Defender’s budget constraints 2010/12/16NTU OPLab 64 (IP 1.6) (IP 1.7) (IP 1.5) (IP 1.4)

Constraints Defender’s budget constraints 2010/12/16NTU OPLab 65 (IP 1.10) (IP 1.9) (IP 1.8)

Constraints QoS constraints ▫ QoS is a function of: 1.BS loading 2.Utilization of mesh routers on the path to BS 3.Hops to core node 4.Fake traffic effect, 5.Population re-allocation effect 6.Channel surfing effect 7.Jammer removal 2010/12/16NTU OPLab 66 (IP 1.11)

Constraints QoS constraints ▫ ▫ The performance reduction cause by the jammed node should not violate IP1.11. ▫ The performance reduction cause by the channel surfing should not violate IP /12/16NTU OPLab 67 (IP 1.12) (IP 1.13) (IP 1.14)

Constraints Channel surfing constraints ▫ The mesh router must equipped with channel surfing technique. ▫ The next channel to be selected must not be in use. ▫ Channel surfing function triggers only if the jammed channel is not a fake channel. Population re-allocation constraints ▫ The mesh clients to be re-allocated must be in the transmission range of the mesh routers other than current mesh router. ▫ The total traffic of the mesh router i after re-allocation must not exceed the maximum traffic limit t(ρ i ), where i ∈ N. 2010/12/16NTU OPLab 68 (IP 1.15) (IP 1.16) (IP 1.17) (IP 1.18) (IP 1.19)

Constraints Approximate localization ▫ There must be at least three available reference points which is under the effect of jamming attack in the jammed channel. Precise localization ▫ There must be at least one mobile locator in the network. Fake traffic ▫ The fake traffic sent to mesh router i from the honeynodes must not make it exceed the maximum traffic limit t(ρ i ), where i ∈ N 2010/12/16NTU OPLab 69 (IP 1.21) (IP 1.22) (IP 1.20)

Constraints 2010/12/16NTU OPLab 70 (IP 1.25) (IP 1.24) (IP 1.23) (IP 1.26) Integer constraints

The End Thanks for your attention. 2010/12/16 71 NTU OPLab