Textdokument
Potential analysis for the detection of attacks on wireless networks using the Wireless Intrusion Detection System Nzyme
Vorschaubild nicht verfügbar
Volltext URI
Dokumententyp
Dateien
Zusatzinformation
Datum
2022
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik, Bonn
Zusammenfassung
Due to the flexibility and low cost of acquisition compared to wired network connections, wireless networks continue to proliferate. Due to this increasing number and the characteristics of a shared medium, it offers potential attackers a suitable platform to easily gain access to diverse network types. To this end, the range of specialised hardware and software for attacking wireless networks is constantly evolving. Information on the location and other parameters of wireless networks is also documented and updated online in a largely automated manner. Particularly in the economic as well as in the public environment, a special need can thus arise to detect attacks, identify attackers and initiate countermeasures on the basis of this information. This paper describes the evaluation of the possibilities offered by the open-source Wireless Intrusion Detection System (WIDS) Nzyme. For this purpose, the messages that occur during different attacks were examined. Furthermore, real data was recorded and evaluated based on the parameters from the test attacks to draw conclusions about the type and frequency of attacks. The ratio between legitimate reports and false alarms was also determined. Test attacks were successfully detected and could be assigned to possible attacks. Real data was recorded at three locations and compared with the patterns from the test attacks. The evaluation shows that the rate of false alarms in real operations is unacceptable, at over 27%. The causes for this are mostly misconfigurations and atmospheric disturbances. The study further shows, that combined alarm messages allow conclusions to be drawn about the type of attack carried out and thus the number of false alarms can be reduced. The effort and benefit of a WIDS are currently not yet in a meaningful relationship. Nevertheless, use and further development are recommended, taking these circumstances into account.