State of the art in intrusion detection in 802.11i networks
Main Article Content
Abstract
This article analyzes the various existing security mechanisms that add different levels of security to wireless networks. The so-called wireless intrusion detection system (WIDS) is also described as a highly used tool for detecting network intrusions. Finally, significant and updated information is collected to identify the different techniques developed for detecting intrusions in 802.11 networks.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish in this journal agree to the following terms: Authors retain the copyright and guarantee the journal the right to be the first publication of the work, as well as, licensed under a Creative Commons Attribution License that allows others share the work with an acknowledgment of the authorship of the work and the initial publication in this journal. Authors may separately establish additional agreements for the non-exclusive distribution of the version of the work published in the journal (for example, placing it in an institutional repository or publishing it in a book), with acknowledgment of its initial publication in this journal. Authors are allowed and encouraged to disseminate their work electronically (for example, in institutional repositories or on their own website) before and during the submission process, as it may lead to productive exchanges as well as further citation earliest and oldest of published works.
How to Cite
References
[2] Bell Labs. (2007) The Bell Labs security framework: Making the case of End to End Wifi Networks. [En línea]. http://www.forsitegroup.com/pdf/wp_lucent_wifi_security.pdf
[3] A. Tsakountakis, G. Kambourakis, y S. Gritzalis, "Towards effective Wireless Intrusion Detection in IEEE 802.11i", en Security, Privacy and Trust in Pervasive and Ubiquitous Computing, 2007. SECPerU 2007. Third International Workshop on, 2007, pp. 37-42.
[4] Songhe Zhao, C.A. Shoniregun, y C. Imafidon, "Addressing the vulnerability of the 4-way handshake of 802.11i", en Digital Information Management, 2008. ICDIM 2008. Third International Conference on, 2008, pp. 351-356.
[5] Jing Liu, Xinming Ye, Jun Zhang, y Jun Li, "Security Verification of 802.11i 4-Way Handshake Protocol", en Communications, 2008. ICC '08. IEEE International Conference on, 2008, pp. 1642-1647.
[6] Xinyu Xing, E. Shakshuki, D. Benoit, y T. Sheltami, "Security Analysis and Authentication Improvement for IEEE 802.11i Specification", en Global Telecommunications Conference, 2008. IEEE GLOBECOM 2008. IEEE, 2008, pp. 1-5.
[7] "IEEE Standard for Local and metropolitan area networks - Port-Based Network Access Control", IEEE Std 802.1X-2010 (Revision of IEEE Std 802.1X-2004), pp. C1 -205, 2010.
[8] Li Wang y B. Srinivasan, "Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard", en Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference on, vol. 2, 2010, pp. 109-113.
[9] C. F., & Pfleeger, S. L Pfleeger,. Upper Saddle River, NJ: Pearson Education, 2003.
[10] Urko ZURUTUZA, Estado del Arte: Sistemas de detección de intrusos.: Universidad Politécnica de Mondragón, Departamento de Informática, 2004. [En línea]. http://www.criptored.upm.es/guiateoria/gt_m399a.htm
[11] Snort IDS. (2010) [En línea]. www.snort.org
[12] BRO Intrusion detection system. (2010) [En línea]. http://www.bro-ids.org/
[13] M. Guennoun, A. Lbekkouri, y K. El-Khatib, "Selecting the Best Set of Features for Efficient Intrusion Detection in 802.11 Networks", en Proc. 3rd Int. Conf. Information and Communication Technologies: From Theory to Applications ICTTA 2008, 2008, pp. 1-4.
[14] K. Ilgun, R.A. Kemmerer, y P.A. Porras, "State transition analysis: a rule-based intrusion detection approach", Software Engineering, IEEE Transactions on, vol. 21, no. 3, pp. 181-199, 1995.
[15] Bin Dong y Xiu-Ling Liu, "An Improved Intrusion Detection System Based on Agent", en Machine Learning and Cybernetics, 2007 International Conference on, vol. 6, 2007, pp. 3164-3167.
[16] H. Debar and J.Viinikka, "Intrusion detection: Introduction", en FOSAD 2004/2005, 2005.
[17] R. Sekar et al., "Specification-Based anomaly detection: a new approach for detecting network intrusions", ACM CCCS, pp. 265-274, 2002.
[18] Rupinder Gill, Jason Smith, y Andrew Clark, "Specification-Based Intrusion Detection in WLANs", en Proc. 22nd Annual Computer Security Applications Conf. ACSAC '06, 2006, pp. 141-152.
[19] I Aad M. Raya, "DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots", en Proceedings of the 2nd international conference on Mobile systems applications and services , 2004, pp. 84-97.
[20] E. Sithirasenan y V. Muthukkumarasamy, "Detecting Security Threats in Wireless LANs Using Timing and Behavioral Anomalies", en Networks, 2007. ICON 2007. 15th IEEE International Conference on, 2007, pp. 66-71.
[21] Y. Rong, S.-K. Lee, y H.-A. Choi, "Detecting Stations Cheating on Backoff Rules in 802.11 Networks Using Sequential Analysis", en INFOCOM 2006. 25th IEEE International Conference on Computer Communications. Proceedings, 2006, pp. 1-13.
[22] A. Cardenas, S. Radosavac, y J. Baras, "Evaluation of Detection Algorithms for MAC Layer Misbehavior: Theory and Experiments", Networking, IEEE/ACM Transactions on, vol. 17, no. 2, pp. 605-617, 2009.
[23] C. Ko, "Execution Monitoring of Security-Critical Programs in a Distributed System: A Specification-based Approach", U.C. Davis, California, PhD Thesis 1996.
[24] C. Ko, H. Tseng, P. Balasubramayan, A. Chaudhary, K. Levitt T. Song, "Formal Reasoning About a Specification-Based Intrusion Detection for Dynamic Autoconfiguration Protocols in Ad Hoc Networks", Formal Aspects in Security and Trust, pp. 16-33, 2005.
[25] C. Tseng, T. Song, P. Balasubramayam, C. Ko, y K. Levitt, "A Specification-based Intrusion Detection Model for OLSR", en RAID 2005, vol. 3858, 2005.
[26] S. Fayssal, S. Hariri, y Y. Al-Nashif, "Anomaly-Based Behavior Analysis of Wireless Network Security", en Mobile and Ubiquitous Systems: Networking Services, 2007. MobiQuitous 2007. Fourth Annual International Conference on, 2007, pp. 1-8.
[27] Zhiqi Tao y A.B. Ruighaver, "Wireless Intrusion Detection: Not as easy as traditional network intrusion detection", en TENCON 2005 2005 IEEE Region 10, 2005, pp. 1-5.
[28] K. El-Khatib, "Impact of Feature Reduction on the Efficiency of Wireless Intrusion Detection Systems", Parallel and Distributed Systems, IEEE Transactions on, vol. 21, no. 8, pp. 1143-1149, 2010.
[29] Openfire CyberSecurity. (2010) [En línea]. http://www.sourcefire.com/
[30] RealSecure. (2010) IBM, Internet Security Systems. [En línea]. http://www.iss.net/
[31] Cisco Intrusion Prevention System. (2010) [En línea]. http://www.cisco.com/en/US/products/sw/secursw/ps2113/index.html
[32] Dragon IDS. (2010) [En línea]. http://www.enterasys.com/products/ids
[33] Motorola Airdefense Security Solutions. (2010) [En línea]. http://www.airdefense.net/
[34] AirTight Networks. (2010) [En línea]. http://www.airtightnetworks.com/
[35] Kismet IDS. (2010) KismetWireless. [En línea]. www.kismetwireless.net
[36] WIDZ. (2010) Fat-Loud-Blokes-Word-Of-Wierd. [En línea]. http://www.loud-fat-bloke.co.uk/tools.html
[37] Huan-Rong Tang, Rou-Ling Sun, y Wei-Qiang Kong, "Wireless Intrusion Detection for defending against TCP SYN flooding attack and man-in-the-middle attack", en Proc. Int Machine Learning and Cybernetics Conf, vol. 3, 2009, pp. 1464-1470.
[38] Hongyu Yang, Lixia Xie, y Jizhou Sun, "Intrusion detection for wireless local area network", en Electrical and Computer Engineering, 2004. Canadian Conference on, vol. 4, 2004, pp. 1949 - 1952 Vol.4.
[39] R. Gunasekaran, V. Rhymend Uthariaraj, R. Sudharsan, S. Sujitha Priyadarshini, y U. Yamini, "Detection and prevention of selfish and misbehaving nodes at MAC layer in mobile ad hoc networks", en Proc. Canadian Conf. Electrical and Computer Engineering CCECE 2008, 2008, pp. 1945-1948.
[40] S. Usha y S. Radha, "A collective network arbitration protocol to detect MAC misbehavior in MANETS", en Proc. Int. Conf. Wireless Communication and Sensor Computing ICWCSC 2010, 2010, pp. 1-5.
[41] R. D. Vallam, A. A. Franklin, y C. Siva Ram, "Modelling co-operative MAC layer misbehaviour in IEEE 802.11 ad hoc networks with heterogeneous loads", en Proc. 6th Int. Symp. Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks and Workshops WiOPT 2008, 2008, pp. 197-206.