A Complex Attacks Recognition Method in Wireless Intrusion Detection System
During recent years, the challenge faced by wireless network security is getting severe with the rapid development of internet. However, due to the defects of wireless communication protocol and difference among wired networks, the existing intrusion prevention systems are seldom involved. This paper proposed a method of identifying complicated multistep attacks orienting to wireless intrusion detection system, which includes the submodules of alarm simplification, VTG generator, LAG generator, attack signature database, attack path resolver and complex attack evaluation. By means of introducing logic attack diagram and virtual topological graph, the attach path was excavated. The experimental result showed that this identification method is applicable to the real scene of wireless intrusion detection, which plays certain significance to predict attackers’ ultimate attack intention.
KeywordsMobile Internet Wireless intrusion Multi-step attack
This work was partially supported by Zhejiang Provincial Natural Science Foundation of China (No. LY16F020010), Hangzhou Science & Technology Development Project of China (No. 20150533B16, No. 20162013A08) and the 2016 National Undergraduate Training Programs for Innovation and Entrepreneurship, China (No. 201613021004).
- 2.Afzal, Z., Rossebø, J., Talha, B., et al.: A wireless intrusion detection system for 802.11 networks. In: International Conference on IEEE Wireless Communications, Signal Processing and Networking (WiSPNET), pp. 828–834 (2016)Google Scholar
- 4.Liang, H., Nannan, X., Erbuli, N., et al.: A multi-stage attack scenario recognition algorithm based on intelligent planning. Chin. J. Electron. 41(9), 1753–1759 (2013)Google Scholar
- 5.Shameli-Sendi, A., Louafi, H., He, W., et al.: A defense-centric model for multi-step attack damage cost evaluation. In: 2015 3rd International Conference on Future Internet of Things and Cloud (FiCloud), pp. 145–149. IEEE (2015)Google Scholar
- 7.Wang, Z., Yuan, P., Huang, X., et al.: Research of a novel attack scenario constructing method. J. Southwest Univ. Sci. Technol. 31(1), 55–60 (2016)Google Scholar
- 9.Julisch, K.: Mining alarm clusters to improve alarm handling efficiency. In: Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), New Orleans, USA, pp. 12–21. IEEE Press (2001)Google Scholar
- 10.Jiang, Z., Zhao, J., Li, X.-Y., et al.: Rejecting the attack: source authentication for Wi-Fi management frames using CSI information. In: Proceedings of the 32nd IEEE Conference on Computer Communications (INFOCOM 2013), Turin, Italy, pp. 2544–2552. IEEE Press (2013)Google Scholar