Intrusion Detection in 802.11 Wireless Local Area Networks

PDF

Authors
  1. Salmanian, M.
  2. Leonard, S.
  3. Lefebvre, J.H.
  4. Knight, S.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN);Royal Military Coll of Canada, Kingston ONT (CAN)
Abstract
This paper presents a theoretical study of the wireless protocol defined by the IEEE 802.11 standard in order to identify characteristics or potential idiosyncrasies that could be used to enhance intrusion detection in a WLAN. The control, management, and data frames used to implement the media access control (MAC) functionality along with WLAN services and a state relationship that governs the exchange of frames between wireless stations provide useful insights into the signatures that identify security-related threats and intrusions. The threat signatures obtained in this research clearly indicate the usefulness of IEEE 802.11 frames and the state relationship rules in helping to detect some of the known threats to WLANs. The frame types and information fields provide insights about the source of the transmission as well as the intent. The state relationship rules assist in the detection of situations that violate the procedures described in the 802.11 standard. A number of common security-related threats are discussed and evaluated in experiments. The characteristics of the IEEE 802.11 standard are exploited to derive signatures for these threats in supporting intrusion detection in a WLAN [1].

Il y a un résumé en français ici.

Keywords
WLAN;802.11;IDS (Intrusion Detection System);Wireless communications;Wireless networks
Report Number
DRDC-OTTAWA-TM-2004-120 — Technical Memorandum
Date of publication
01 Jul 2004
Number of Pages
38
DSTKIM No
CA025034
CANDIS No
522558
Format(s):
CD ROM

Permanent link

Document 1 of 1

Date modified: