Abstract
Wireless Local Area Network (WLAN) is susceptible to security provisioning in spite of the solutions such as the Wired Equivalent Protocol (WEP) or IEEE 802.1x. This paper proposes an integrated scheme for intrusion detection in WLAN systems. The proposed scheme operates with one or more Gathering Agents (GAs) and a Master Server (MS). Each GA is used to get security information by collecting the frame packets in WLAN, whereas the MS is purposed to detect and prevent the various attacks by analyzing the packets in the WLAN systems. A detection engine contained in the MS employs OUI list matching for detection of MAC spoofing attacks, sequence number analysis for man-in-the-middle attacks, and Finite State Machine (FSM) analysis for Denial-of-Service (DoS) attacks. By experiments, it is shown that the proposed scheme could effectively detect and prevent the various attacks that could possibly be done in the WLAN systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
IEEE 802.11 Standard, Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification (1997)
Fluhrer, S., Mantin, I., Shamir, A.: Weakness in the Key scheduling Algorithm of RC4. In: Proceedings of the 8th Annual Workshop on Selected Areas in Cryptography (August 2001)
Lim, Y., Schmoyer, T., Levine, J., Henry, L.: Wireless Intrusion Detection an Response. In: Proceedings of the IEEE Workshop on Information Assurance (2003)
IEEE Draft P802.1X/D11. Standards for Local and Metropolitan Area Networks: Standard for Port based Network Access Control (March 2001)
Arbaugh, W., Shankar, N., Wan, Y.: An initial Security Analysis of the IEEE 802.1X Standard. Technical Report, Department of Computer Science, University of Maryland (2002)
Wright, J.: Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection. Available from, http://home.jwu.edu/jwright/papers/l2-wlan-ids.pdf
IEEE OUI and Company_ID Assignments, Available from http://Stanard.ieee.org/regauth/oui/oui.txt
Wright, J.: Detecting Wireless LAN MAC Address Spoofing. Available from http://home.jwu.edu/jwright/papers/l2-wlan-ids.pdf
Hennie, H.: Finite-State Models for Logical Machines. John Wiley & Son, Chichester
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, D.P., Koh, S.J., Kim, S.W. (2006). An Integrated Scheme for Intrusion Detection in WLAN. In: Chong, I., Kawahara, K. (eds) Information Networking. Advances in Data Communications and Wireless Networks. ICOIN 2006. Lecture Notes in Computer Science, vol 3961. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11919568_72
Download citation
DOI: https://doi.org/10.1007/11919568_72
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-48563-6
Online ISBN: 978-3-540-48564-3
eBook Packages: Computer ScienceComputer Science (R0)