Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/19532
Title: Distributed Wireless Intrusion Detection System
Author: Tsai, Yu-Lin (蔡侑燐)
Keywords: wireless local area network
wireless access point
distributed wireless intrusion detection system
wireless network intrusion detection system
Publisher: Department of Computer Science and Engineering
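Abstract: This thesis differs from traditional intrusion detection systems, which address intrusions arriving over wired networks. The wireless intrusion detection system we built is designed to detect intruders who enter the local area network (LAN) through a wireless access point in a wireless environment. To do this, we modify the firmware of the wireless access point (AP) so that the AP serves as an intrusion detection sensor, and we focus detection on wireless LANs using the 802.11 standard, currently the most widely used. This thesis proposes a distributed wireless intrusion detection system that combines the advantages of centralized and distributed architectures: multiple APs collect and analyze data, and the results are then passed to a distributed intrusion detection coordinator for further analysis and control. The system implementation and experimental results show that the system can indeed effectively detect wireless network intrusions.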
As the number of wireless local area networks (WLANs) that conform to the IEEE 802.11 standards grows at an unprecedented rate, the security threats from WLANs raise concerns not only among users but also among network administrators. In this thesis, we propose a distributed wireless intrusion detection system (DWIDS) for 802.11 WLANs. The proposed system is a hybrid of distributed and centralized architectures. In wireless networks, intruders may attack a WLAN via a wireless access point (AP). Therefore, APs can be used as the distributed sensors for detecting intrusions in the first place. To do so, we modified the firmware of the APs and installed Snort-wireless and Kismet on them for collecting and analyzing data. The analyzed data from different APs are then sent to the DWIDS coordinator for further processing. The implementation and experimental results show that the proposed system indeed detects several types of intrusions from WLANs.
URI: http://hdl.handle.net/11455/19532
Other identifiers: U0005-1507200813244200
Article link: http://www.airitilibrary.com/Publication/alDetailedMesh1?DocID=U0005-1507200813244200
Appears in Collections: Department of Computer Science and Engineering

For the full text, please go to the Airiti Library (華藝線上圖書館).

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.