
The Performance Analysis of Honeypot Based Intrusion Detection System for Wireless Network

International Journal of Wireless Information Networks

Abstract

Wireless network security is becoming a great challenge as wireless networking grows in popularity. Because of the open medium, insignificant software implementation, potential for hardware deficits, and improper configuration, Wi-Fi networks are vulnerable to Rogue Access Points (RAPs). A Rogue Access Point is an unauthorized access point that end users can install without the knowledge of the security administrator. When this rogue device is connected to the Internet, an assailant can use it to breach the security of the network. Existing RAP detection techniques have limited capabilities and cannot detect all variants of attacker activity. In this paper, a method named Honeypot Intrusion Detection System (Honeypot IDS) is proposed for the detection and prevention of Rogue Access Points by detecting attacks performed by internal and external malicious users. Honeypot IDS combines an Intrusion Detection System and a Honeypot to reduce the false alarm rate generated by existing IDSs. The proposed approach consists of three phases: filtering, intrusion detection system, and honeypot. Traffic that has passed through the filtering and intrusion detection phases is rerouted to the honeypot for in-depth investigation. The proposed architecture improves the overall performance of the system by diminishing the false alarm rate generated by the intrusion detection system, and it is able to sustain the overall workload of the honeypot.




Correspondence to Neha Agrawal.


Cite this article

Agrawal, N., Tapaswi, S. The Performance Analysis of Honeypot Based Intrusion Detection System for Wireless Network. Int J Wireless Inf Networks 24, 14–26 (2017). https://doi.org/10.1007/s10776-016-0330-3


  • DOI: https://doi.org/10.1007/s10776-016-0330-3
