Traffic-and-resource-aware intrusion detection in wireless mesh networks

As the interest in Wireless Mesh Networks (WMN), as an infrastructureless wireless network, grows, security issues, especially intrusion detection, become of paramount importance. The diversity in hardware along with a variety of WMN applications, have resulted in WMN with different network characteristics (e.g., resource levels, system and security models, etc.). Consequently, different intrusion detection mechanisms have been proposed by the research community. Recently, the community has proposed several monitoring techniques for intrusion detection where each considers different assumptions and presents a different problem formulation for optimal monitoring. This article proposes a taxonomy that categorizes existing solutions in this research area and identifies the similarities and differences in their optimal monitoring problem formulations. We then concentrate on two classes of monitoring techniques for intrusion detection in WMN: Traffic Agnostic and Resourceful and Traffic Aware and Resourceful and present centralized and distributed algorithms for solving optimal monitoring problem in these networks. Through extensive simulations and a real implementation, we demonstrate the effects of different network characteristics on the problem formulation and consequently the performance (e.g., intrusion detection rate and resource consumption) of proposed solutions for optimal monitoring in WMN.