Title :
Specification-Based Intrusion Detection in WLANs
Author :
Gill, Rupinder ; Smith, Jason ; Clark, Andrew
Author_Institution :
Inf. Security Inst., Queensland Univ. of Technol., Brisbane, Qld.
Abstract :
Wireless networking technologies based on the IEEE 802.11 series of standards fail to authenticate management frames and network card addresses and suffer from serious vulnerabilities that may lead to denial of service, session hijacking, and address masquerading attacks. In this paper, we describe and implement a specification-based intrusion detection system for IEEE 802.11 wireless infrastructure networks, which not only provides attack detection, but also implements policy compliance monitoring. The specification used by our intrusion detection system is derived from network protocol state transition models and site security policy constraints. We also perform an experimental and comparative analysis of the technique to assess its effectiveness. The results indicate that the approach is superior at successfully detecting a greater variety of attacks than other existing approaches
Keywords :
formal specification; protocols; security of data; wireless LAN; IEEE 802.11 wireless infrastructure networks; WLAN; address masquerading attacks; denial of service; network protocol; policy compliance monitoring; session hijacking; site security policy; specification-based intrusion detection; state transition model; Authentication; Communication system security; Computer crime; Computer security; Computerized monitoring; Intrusion detection; Phase detection; Wireless LAN; Wireless application protocol; Wireless networks;
Conference_Titel :
Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual
Conference_Location :
Miami Beach, FL
Print_ISBN :
0-7695-2716-7
DOI :
10.1109/ACSAC.2006.48
