A distributed vulnerability detection system for WLANs

The increasing popularity of wireless networks has opened organizations up to new security threats and many traditional countermeasures are ineffective in dealing with them. Any networked system where security or privacy protection of assets is valued needs security experts to protect and control it. There exists a need for an automated security system which helps security analysts to focus on critical points. This paper discusses the issues related to vulnerability assessment in wireless networks and proposes a new distributed system to analyze system interactivity, security capability and vulnerability detection in wireless networks. The design and implementation of this distributed vulnerability detection system for WLANs is also presented. This proposal is based on international best practices for security, the open source security testing methodology manual (OSSTMM). It is part of a wider system for automating vulnerability detection not only for wireless but for wired networks called Consensus.

[1]  Guiomar Corral,et al.  Prediction and Control of Short-Term Congestion in ATM Networks Using Artificial Intelligence Techniques , 2001, ICN.

[2]  Henry L. Owen,et al.  Wireless intrusion detection and response , 2003, IEEE Systems, Man and Cybernetics SocietyInformation Assurance Workshop, 2003..

[3]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[4]  Peng Ning,et al.  Analyzing Intensive Intrusion Alerts via Correlation , 2002, RAID.

[5]  Lee M. Rossey,et al.  Extending the DARPA off-line intrusion detection evaluations , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[6]  Michael Conner,et al.  Genetic algorithm/artificial life evolution of security vulnerability agents , 1999, MILCOM 1999. IEEE Military Communications. Conference Proceedings (Cat. No.99CH36341).

[7]  Jizhou Sun,et al.  Intrusion detection for wireless local area network , 2004, Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No.04CH37513).

[8]  John Hale,et al.  A systematic approach to multi-stage network attack analysis , 2004, Second IEEE International Information Assurance Workshop, 2004. Proceedings..

[9]  Lili Qiu,et al.  Proceedings of the 3rd international conference on Wireless internet , 2007 .

[10]  Murugiah P. Souppaya,et al.  Guideline on Network Security Testing: Recommendations of the National Institute of Standards and Technology , 2003 .