Abstract
Most existing wireless IDSs do not provide timely active responses to wireless intrusions as the execution of the responses is done manually by the administrator. Some wireless IDSs address this issue by providing automated responses. On one hand, they reduce the chances of successful wireless attacks by responding immediately to intrusions. On the other hand, they execute responses without considering environmental factors and hence, results in execution of unsuitable responses causing negative effects to legitimate systems. This paper addresses this issue by proposing a wireless IDS with adaptive automated response mechanism named Context Aware Wireless Analyser (CAWAnalyser). CAWAnalyser selects an appropriate response based on a number of contextual factors, and invokes the selected response if the total impact of such response is lower than the total impact of the corresponding attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the key scheduling algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)
Stubblefield, A., Ioannidis, J., Rubin, A.D.: Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. In: Proceedings of Network and Distributed System Security Symposium, San Diego, California, February 6-8 (2002)
Lackey, J., Roths, A., Goddard, J.: Wireless Intrusion Detection. IBM Executive Strategy Report (2003), http://www-1.ibm.com/services/strategy/files2/wireless_intrusion_detection.pdf
AirDefense Inc.: AirDefense Guard (2004), http://www.airdefense.net/products/airdefense_ids.shtm
Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. The Inforsec Technical Baseline studies (1999), http://all.net/journal/ntb/simulate/simulate.html
Carver, C.A., Pooch, U.W.: An Intrusion Response Taxonomy and its Role in Automatic Intrusion Response. In: Proceedings of the 2000 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York, June 6-7, pp. 129–135 (2000)
Carver, C.A., Hill, J.M.D., Pooch, U.W.: Limiting Uncertainty in Intrusion Response. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, United States Military Academy, West Point, New York, June 5-6, pp. 142-147 (2001)
Papadaki, M., Furnell, S., Lines, B., Reynolds, P.: Operational Characteristics of an Automated Intrusion Response System. In: Lioy, A., Mazzocchi, D. (eds.) CMS 2003. LNCS, vol. 2828, pp. 65–75. Springer, Heidelberg (2003)
Papadaki, M., Furnell, S.M., Lee, S.J., Lines, B.M., Reynolds, P.L.: Enhancing response in intrusion detection systems. Journal of Information Warfare 2(1), 90–102 (2002)
Want, R., Hopper, A., Falcao, V., Gibbons, J.: The Active Badge Location System. ACM Transactions on Information Systems 10, 91–102 (1992)
Gan, C.H., Zaslavsky, A., Giles, S.: CAWAnalyser: Enhancing Wireless Intrusion Detection with Runtime Context-Awareness. In: Proceedings of the 2004 Australian Telecommunications Networks & Application Conference, Sydney, Australia, December 8-10 (2004) (in Press)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gan, C.H., Zaslavsky, A., Giles, S. (2005). CAWAnalyser: Enhancing Wireless Intrusion Response with Runtime Context-Awareness. In: Lorenz, P., Dini, P. (eds) Networking - ICN 2005. ICN 2005. Lecture Notes in Computer Science, vol 3420. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31956-6_29
Download citation
DOI: https://doi.org/10.1007/978-3-540-31956-6_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25339-6
Online ISBN: 978-3-540-31956-6
eBook Packages: Computer ScienceComputer Science (R0)