Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network

In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.Comment: 16 pages, International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010. arXiv admin note: text overlap with arXiv:1111.1933 by other author

Intrusion Detection Systems for Community Wireless Mesh Networks

Wireless mesh networks are being increasingly used to provide affordable network connectivity to communities where wired deployment strategies are either not possible or are prohibitively expensive. Unfortunately, computer networks (including mesh networks) are frequently being exploited by increasingly profit-driven and insidious attackers, which can affect their utility for legitimate use. In response to this, a number of countermeasures have been developed, including intrusion detection systems that aim to detect anomalous behaviour caused by attacks. We present a set of socio-technical challenges associated with developing an intrusion detection system for a community wireless mesh network. The attack space on a mesh network is particularly large; we motivate the need for and describe the challenges of adopting an asset-driven approach to managing this space. Finally, we present an initial design of a modular architecture for intrusion detection, highlighting how it addresses the identified challenges

Intrusion Detection Systems for Community Wireless Mesh Networks

Wireless mesh networks are being increasingly used to provide affordable network connectivity to communities where wired deployment strategies are either not possible or are prohibitively expensive. Unfortunately, computer networks (including mesh networks) are frequently being exploited by increasingly profit-driven and insidious attackers, which can affect their utility for legitimate use. In response to this, a number of countermeasures have been developed, including intrusion detection systems that aim to detect anomalous behaviour caused by attacks. We present a set of socio-technical challenges associated with developing an intrusion detection system for a community wireless mesh network. The attack space on a mesh network is particularly large; we motivate the need for and describe the challenges of adopting an asset-driven approach to managing this space. Finally, we present an initial design of a modular architecture for intrusion detection, highlighting how it addresses the identified challenges

Wireless home automation networks for indoor surveillance: technologies and experiments

The use of wireless technologies for critical surveillance and home automation introduces a number of opportunities as well as technological challenges. New emerging technologies give the opportunity to exploit the full potential of the internet of things paradigm by augmenting existing wired installations with smart wireless architectures. This work gives an overview of requirements, characteristics, and challenges of wireless home automation networks with special focus on intrusion detection systems. The proposed wireless network is based on several sensors that are deployed over a monitored area for detecting possible risky situations and triggering appropriate actions in response. The network needs to support critical traffic patterns with different characteristics and quality constraints. Namely, it should provide a periodic low-power monitoring service and, in case of intrusion detection, a real-time alarm propagation mechanism over inherently unreliable wireless links subject to fluctuations of the signal power. Following the guidelines introduced by recent standardization, this paper proposes the design of a wireless network prototype at 868 MHz which is able to satisfy the specifications of typical intrusion detection applications. A proprietary medium access control is developed based on the low-power SimpliciTI radio stack (Texas Instruments Incorporated, San Diego, CA, USA). Network performance is assessed by experimental measurements using a test-bed in an indoor office environment with severe multipath and nonline-of-sight propagation conditions. The measurement campaigns highlight the potential of the sub-GHz technology for cable replacing

IMPLEMENTASI SISTEM PENANGANAN ROGUE ACCESS POINT MODEL BRIDGING CONNECTION PADA FAKULTAS ILMU TERAPAN UNIVERSITAS TELKOM

Rogue Access Point (RAP) merupakan salah satu ancaman terbesar dalam keamanan jaringan Wireless Local Area Network (WLAN). Dalam praktiknya RAP adalah sebuah perangkat yang dapat menciptakan jaringan wireless yang tidak sah oleh network admin. Resiko yang dihadapi dari serangan ini adalah pencurian informasi user, informasi yang dimaksud adalah seperti username dan password account. Dalam proyek akhir ini akan dikembangkan satu solusi untuk menangani masalah RAP model bridging connection dengan membangun sebuah sistem Wireless Intrusion Detection and Prevention System (WIDPS) sebagai sistem penanganan yang dapat membantu network admin dalam mendeteksi dan melakukan tindakan lanjut (response) terhadap RAP model bridging connection. Tindakan lanjut yang akan dilakukan oleh sistem setelah mendeteksi adanya aktifitas serangan RAP model bridging connection pada jaringan WLAN adalah melakukan block MAC Address RAP, sehingga RAP tidak dapat terhubung kembali ke dalam jaringan WLAN. Dalam sistem ini juga terdapat history log yang dapat digunakan oleh network admin untuk menganalisis ancaman keamanan pada jaringan WLAN. Kata Kunci: Rogue Access Point (RAP), Wireless Local Area Network (WLAN), Wireless Intrusion Detection and Prevention System (WIDPS), history log

Wireless and Physical Security via Embedded Sensor Networks

Wireless Intrusion Detection Systems (WIDS) monitor 802.11 wireless frames (Layer-2) in an attempt to detect misuse. What distinguishes a WIDS from a traditional Network IDS is the ability to utilize the broadcast nature of the medium to reconstruct the physical location of the offending party, as opposed to its possibly spoofed (MAC addresses) identity in cyber space. Traditional Wireless Network Security Systems are still heavily anchored in the digital plane of "cyber space" and hence cannot be used reliably or effectively to derive the physical identity of an intruder in order to prevent further malicious wireless broadcasts, for example by escorting an intruder off the premises based on physical evidence. In this paper, we argue that Embedded Sensor Networks could be used effectively to bridge the gap between digital and physical security planes, and thus could be leveraged to provide reciprocal benefit to surveillance and security tasks on both planes. Toward that end, we present our recent experience integrating wireless networking security services into the SNBENCH (Sensor Network workBench). The SNBENCH provides an extensible framework that enables the rapid development and automated deployment of Sensor Network applications on a shared, embedded sensing and actuation infrastructure. The SNBENCH's extensible architecture allows an engineer to quickly integrate new sensing and response capabilities into the SNBENCH framework, while high-level languages and compilers allow novice SN programmers to compose SN service logic, unaware of the lower-level implementation details of tools on which their services rely. In this paper we convey the simplicity of the service composition through concrete examples that illustrate the power and potential of Wireless Security Services that span both the physical and digital plane.National Science Foundation (CISE/CSR 0720604, ENG/EFRI 0735974, CIES/CNS 0520166, CNS/ITR 0205294, CISE/ERA RI 0202067