Protecting Wireless Mesh Networks through a distributed intrusion prevention framework

Wireless Mesh Networks (WMN) are growing rapidly in the research community due to their numerous applications and shared services. A feature in this kind of networks is the any-to-any connectivity, which opens the network for diverse kinds of attacks. These attacks generate extra traffic that possibly carries unauthorized intrusions. Our proposal, the IBW Framework, includes an approach for security in WMN detecting and mitigating the attacks through the use of non-relational databases for the data correlation and the dissemination of intrusion information among the nodes in WMN to reduce the amount of attacks in short time. Data correlation is done from the log data of servers and distributed Intrusion Detection & Prevention Systems (IDSs & IPSs) using syslog information with a particular format. Intrusion Prevention Systems can be implemented with any kind of solution, in our case we proposed iptables. Finally, a Case Study is presented, using the OLSR routing protocol and Brute Force attacks comparing our proposal with an open source blocking tool Fail2Ban. The whole scenario is being emulated in Dockemu to generate similar attack patterns for the result comparison.