An Integrated Scheme for Intrusion Detection in WLAN
Wireless Local Area Network (WLAN) is susceptible to security provisioning in spite of the solutions such as the Wired Equivalent Protocol (WEP) or IEEE 802.1x. This paper proposes an integrated scheme for intrusion detection in WLAN systems. The proposed scheme operates with one or more Gathering Agents (GAs) and a Master Server (MS). Each GA is used to get security information by collecting the frame packets in WLAN, whereas the MS is purposed to detect and prevent the various attacks by analyzing the packets in the WLAN systems. A detection engine contained in the MS employs OUI list matching for detection of MAC spoofing attacks, sequence number analysis for man-in-the-middle attacks, and Finite State Machine (FSM) analysis for Denial-of-Service (DoS) attacks. By experiments, it is shown that the proposed scheme could effectively detect and prevent the various attacks that could possibly be done in the WLAN systems.
KeywordsMedium Access Control Intrusion Detection Wireless Local Area Network Finite State Machine Medium Access Control Address
Unable to display preview. Download preview PDF.
- 1.IEEE 802.11 Standard, Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification (1997)Google Scholar
- 2.Fluhrer, S., Mantin, I., Shamir, A.: Weakness in the Key scheduling Algorithm of RC4. In: Proceedings of the 8th Annual Workshop on Selected Areas in Cryptography (August 2001)Google Scholar
- 3.Lim, Y., Schmoyer, T., Levine, J., Henry, L.: Wireless Intrusion Detection an Response. In: Proceedings of the IEEE Workshop on Information Assurance (2003)Google Scholar
- 4.IEEE Draft P802.1X/D11. Standards for Local and Metropolitan Area Networks: Standard for Port based Network Access Control (March 2001)Google Scholar
- 5.Arbaugh, W., Shankar, N., Wan, Y.: An initial Security Analysis of the IEEE 802.1X Standard. Technical Report, Department of Computer Science, University of Maryland (2002)Google Scholar
- 6.Wright, J.: Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection. Available from, http://home.jwu.edu/jwright/papers/l2-wlan-ids.pdf
- 7.IEEE OUI and Company_ID Assignments, Available from http://Stanard.ieee.org/regauth/oui/oui.txt
- 8.Wright, J.: Detecting Wireless LAN MAC Address Spoofing. Available from http://home.jwu.edu/jwright/papers/l2-wlan-ids.pdf
- 9.Hennie, H.: Finite-State Models for Logical Machines. John Wiley & Son, ChichesterGoogle Scholar