CAWAnalyser: Enhancing Wireless Intrusion Response with Runtime Context-Awareness
Most existing wireless IDSs do not provide timely active responses to wireless intrusions as the execution of the responses is done manually by the administrator. Some wireless IDSs address this issue by providing automated responses. On one hand, they reduce the chances of successful wireless attacks by responding immediately to intrusions. On the other hand, they execute responses without considering environmental factors and hence, results in execution of unsuitable responses causing negative effects to legitimate systems. This paper addresses this issue by proposing a wireless IDS with adaptive automated response mechanism named Context Aware Wireless Analyser (CAWAnalyser). CAWAnalyser selects an appropriate response based on a number of contextual factors, and invokes the selected response if the total impact of such response is lower than the total impact of the corresponding attack.
Unable to display preview. Download preview PDF.
- 2.Stubblefield, A., Ioannidis, J., Rubin, A.D.: Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. In: Proceedings of Network and Distributed System Security Symposium, San Diego, California, February 6-8 (2002)Google Scholar
- 3.Lackey, J., Roths, A., Goddard, J.: Wireless Intrusion Detection. IBM Executive Strategy Report (2003), http://www-1.ibm.com/services/strategy/files2/wireless_intrusion_detection.pdf
- 4.AirDefense Inc.: AirDefense Guard (2004), http://www.airdefense.net/products/airdefense_ids.shtm
- 5.Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. The Inforsec Technical Baseline studies (1999), http://all.net/journal/ntb/simulate/simulate.html
- 6.Carver, C.A., Pooch, U.W.: An Intrusion Response Taxonomy and its Role in Automatic Intrusion Response. In: Proceedings of the 2000 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York, June 6-7, pp. 129–135 (2000)Google Scholar
- 7.Carver, C.A., Hill, J.M.D., Pooch, U.W.: Limiting Uncertainty in Intrusion Response. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York, June 5-6, pp. 142-147 (2001)Google Scholar
- 9.Papadaki, M., Furnell, S.M., Lee, S.J., Lines, B.M., Reynolds, P.L.: Enhancing response in intrusion detection systems. Journal of Information Warfare 2(1), 90–102 (2002)Google Scholar
- 11.Gan, C.H., Zaslavsky, A., Giles, S.: CAWAnalyser: Enhancing Wireless Intrusion Detection with Runtime Context-Awareness. In: Proceedings of the 2004 Australian Telecommunications Networks & Application Conference, Sydney, Australia, December 8-10 (2004) (in Press)Google Scholar