Wireless Snort - A WIDS in progress
Abstract
The Snort intrusion detection system is a widely used and well-regarded open source system for detecting malicious activity in conventional wired networks. Recently, software patches that enable 802.11 wireless intrusion detection in Snort have been released. This paper focuses on the lessons learned from a live deployment of these wireless extensions to the Snort IDS. Generic issues with the deployment of wireless intrusion detection systems are discussed. In addition, preliminary findings and analysis from the data collected in the pilot study using the wireless-enabled Snort intrusion detection system are presented.
Similar resources
Generating Representative Attack Test Cases for Evaluating and Testing Wireless Intrusion Detection Systems
Openness of wireless communication medium and flexibility in dealing with wireless communication protocols and their vulnerabilities create a problem of poor security. Due to deficiencies in the security mechanisms of the first line of defense such as firewall and encryption, there are growing interests in detecting wireless attacks through a second line of defense in the form of Wireless Intru...
Speaking the Local Dialect: Exploiting differences between IEEE 802.15.4 Receivers with Commodity Radios for fingerprinting, targeted attacks, and WIDS evasion
Producing IEEE 802.15.4 PHY-frames reliably accepted by some digital radio receivers, but rejected by others—depending on the receiver chip’s make and model—has strong implications for wireless security. Attackers could target specific receivers by crafting “shaped charges,” attack frames that appear valid to the intended target and are ignored by all other recipients. By transmitting in the un...
Optimal information-dispersal for fault-tolerant communication over a burst-error channel
The ( ) wireless information dispersal scheme (WIDS) is useful for fault-tolerant parallel wireless communications, where it can be used to tolerate up to path (subchannel) failures. This paper constructs a performance model of ( ) WIDS used in wireless communications, and proposes an algorithm to find the optimal set of ( ) with the highest reliability. This algorithm reduces the complexity of...
WiDS: An Integrated Toolkit for Distributed System Development
Faced with a proliferation of distributed systems in research and production groups, we have devised the WiDS ecosystem of technologies to optimize the development and testing process for such systems. WiDS optimizes the process of developing an algorithm, testing its correctness in a debuggable environment, and testing its behavior at large scales in a distributed simulation. We have developed...
Performance Analysis of Wireless Intrusion Detection Systems
Wireless network security has received considerable attention in recent years. Several security efforts have been exerted to combat the wireless attacks, but unfortunately complete attack prevention at the first line of defense such as authentication, encryption, and firewall is not realistically attainable. Thus, the emphasis on detecting wireless attacks at a second line of defense, in the form of W...