Detection and Localization of Multiple Spoofing Attackers Using Cluster Analysis in Wireless Network
Wireless networks are vulnerable to spoofing attacks, which allows for many other forms of attacks on the networks. Although the authentication is not always possible because it requires key management and additional infrastructural overhead. In this paper describes method on detection and localization of multiple spoofing attackers in wireless networks. Author have spatial information a physical property of a node which have its no dependence on cryptography and hard to falsify for (1) detecting spoofing attacks; (2) determining the number of attackers when multiple adversaries masquerading as a same node identity; and (3) localizing multiple adversaries. Author propose to use Generalized Attack Detection Model (GADE) which has the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the presence of spoofing attacks. Using cluster-based mechanisms, developed to determine the number of attackers. When the training data is available, we explore using Support Vector Machines (SVM) method to improve the accuracy of determining the number of attackers. In addition, author developed an integrated detection and localization system that can localize the positions of multiple attackers. Author evaluated our techniques through two testbeds using both an 802.11 (WiFi) network and an 802.15.4 (ZigBee) network in two real office buildings. Our experimental results show that our proposed methods can achieve over 90% Hit Rate and Precision when determining the number of attackers. Localization results using a representative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries.