Miami Beach, Florida, USA
Dec. 11, 2006 to Dec. 15, 2006
Rupinder Gill , Queensland University of Technology, Australia
Jason Smith , Queensland University of Technology, Australia
Andrew Clark , Queensland University of Technology, Australia
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.48
Wireless networking technologies based on the IEEE 802.11 series of standards fail to authenticate management frames and network card addresses and suffer from serious vulnerabilities that may lead to denial of service, session hijacking, and address masquerading attacks. In this paper, we describe and implement a specification-based intrusion detection system for IEEE 802.11 wireless infrastructure networks, which not only provides attack detection, but also implements policy compliance monitoring. The specification used by our intrusion detection system is derived from network protocol state transition models and site security policy constraints. We also perform an experimental and comparative analysis of the technique to assess its effectiveness. The results indicate that the approach is superior at successfully detecting a greater variety of attacks than other existing approaches.
Rupinder Gill, Jason Smith, Andrew Clark, "Specification-Based Intrusion Detection in WLANs", ACSAC, 2006, Computer Security Applications Conference, Annual, Computer Security Applications Conference, Annual 2006, pp. 141-152, doi:10.1109/ACSAC.2006.48