CAWAnalyser: Enhancing Wireless Intrusion Response with Runtime Context-Awareness

  • Choon Hean Gan
  • Arkady Zaslavsky
  • Stephen Giles
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3420)


Most existing wireless IDSs do not provide timely active responses to wireless intrusions as the execution of the responses is done manually by the administrator. Some wireless IDSs address this issue by providing automated responses. On one hand, they reduce the chances of successful wireless attacks by responding immediately to intrusions. On the other hand, they execute responses without considering environmental factors and hence, results in execution of unsuitable responses causing negative effects to legitimate systems. This paper addresses this issue by proposing a wireless IDS with adaptive automated response mechanism named Context Aware Wireless Analyser (CAWAnalyser). CAWAnalyser selects an appropriate response based on a number of contextual factors, and invokes the selected response if the total impact of such response is lower than the total impact of the corresponding attack.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the key scheduling algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Stubblefield, A., Ioannidis, J., Rubin, A.D.: Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. In: Proceedings of Network and Distributed System Security Symposium, San Diego, California, February 6-8 (2002)Google Scholar
  3. 3.
    Lackey, J., Roths, A., Goddard, J.: Wireless Intrusion Detection. IBM Executive Strategy Report (2003),
  4. 4.
    AirDefense Inc.: AirDefense Guard (2004),
  5. 5.
    Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. The Inforsec Technical Baseline studies (1999),
  6. 6.
    Carver, C.A., Pooch, U.W.: An Intrusion Response Taxonomy and its Role in Automatic Intrusion Response. In: Proceedings of the 2000 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York, June 6-7, pp. 129–135 (2000)Google Scholar
  7. 7.
    Carver, C.A., Hill, J.M.D., Pooch, U.W.: Limiting Uncertainty in Intrusion Response. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York, June 5-6, pp. 142-147 (2001)Google Scholar
  8. 8.
    Papadaki, M., Furnell, S., Lines, B., Reynolds, P.: Operational Characteristics of an Automated Intrusion Response System. In: Lioy, A., Mazzocchi, D. (eds.) CMS 2003. LNCS, vol. 2828, pp. 65–75. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Papadaki, M., Furnell, S.M., Lee, S.J., Lines, B.M., Reynolds, P.L.: Enhancing response in intrusion detection systems. Journal of Information Warfare 2(1), 90–102 (2002)Google Scholar
  10. 10.
    Want, R., Hopper, A., Falcao, V., Gibbons, J.: The Active Badge Location System. ACM Transactions on Information Systems 10, 91–102 (1992)CrossRefGoogle Scholar
  11. 11.
    Gan, C.H., Zaslavsky, A., Giles, S.: CAWAnalyser: Enhancing Wireless Intrusion Detection with Runtime Context-Awareness. In: Proceedings of the 2004 Australian Telecommunications Networks & Application Conference, Sydney, Australia, December 8-10 (2004) (in Press)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Choon Hean Gan
    • 1
  • Arkady Zaslavsky
    • 1
  • Stephen Giles
    • 1
  1. 1.School of Computer Science and Software EngineeringMonash UniversityAustralia

Personalised recommendations