A WTLS-based virtual private network for wireless intrusion prevention

It is well known that virtual private networks (VPNs) and intrusion prevention systems (IPSs) are both important network security schemes. Traditionally, both VPN and IPS need a clear network boundary. However, the rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. How to deploy a wireless IPS (WIPS) is a noteworthy problem. Because of some characteristics of wireless networks, it is not as convenient to build a WIPS in a wireless environment as it is to build an IPS in a wired environment. To address this problem, this paper explores a novel wireless VPN: WBVPN (WTLS-Based VPN). In WBVPN, a single logical path is built between the wireless terminal and its destination, so an IPS engine can inspect the user's traffic and block intrusions. WTLS is introduced first, and then, using WTLS-VPN, we give a basic solution for intrusion prevention in wireless networks. In addition, an access control mechanism from our former work is applied to WBVPN. Finally, an experiment on the performance of WBVPN is presented.
