Wireless Intrusion Detection System Using a Lightweight Agent

The exponential growth in wireless network faults, vulnerabilities, and attacks make the Wireless Local Area Network (WLAN) security management a challenging research area. Deficiencies of security methods like cryptography (e.g. WEP) and firewalls, causes the use of more complex security systems, such as Intrusion Detection Systems, to be crucial. In this paper, we present a hybrid wireless intrusion detection system (WIDS). To implement the WIDS, we designed a simple lightweight agent. The proposed agent detect the most destroying and serious attacks; Man-In-The-Middle and Denial-of-Service; with the minimum selected feature set. To evaluate our proposed WIDS and its agent, we collect a complete data-set using open source attack generator softwares. Experimental results show that in comparison with similar systems, in addition of more simplicity, our WIDS provides high performance and precision.

[1]  Georgios Kambourakis,et al.  Towards effective Wireless Intrusion Detection in IEEE 802.11i , 2007, Third International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007).

[2]  Jizhou Sun,et al.  Intrusion detection solution to WLANs , 2004, Proceedings of the IEEE 6th Circuits and Systems Symposium on Emerging Technologies: Frontiers of Mobile and Wireless Communication (IEEE Cat. No.04EX710).

[3]  Christian Barnes... Hack proofing your wireless network , 2002 .

[4]  Henry L. Owen,et al.  Wireless intrusion detection and response , 2003, IEEE Systems, Man and Cybernetics SocietyInformation Assurance Workshop, 2003..

[5]  Salim Hariri,et al.  Anomaly-Based Behavior Analysis of Wireless Network Security , 2007, 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services (MobiQuitous).

[6]  Chi-Chun Lo,et al.  The implementation of a proactive wireless intrusion detection system , 2004, The Fourth International Conference onComputer and Information Technology, 2004. CIT '04..

[7]  Jason Smith,et al.  Specification-Based Intrusion Detection in WLANs , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[8]  Maxim Raya,et al.  DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots , 2004, MobiSys '04.