28
Wireless Intrusion Detection System Proof of Concept Leon & Yunhai
| Date post: | 03-Jan-2016 |
| Category: |
Documents |
| Upload: | claudia-schneider |
| View: | 76 times |
| Download: | 0 times |
Wireless Intrusion Detection System
Proof of Concept
Leon & Yunhai
Agenda Project Review Info Measurements Data Analysis Sample Experiments Future Works
Project Review
Project Review
InternetInternet
MIB
MIB
MIBMIB
MIB
IDS
MIB
Attacker
AiroPeek
CS AP
Project Review
InternetInternet
IDS
MIB,
SysLog
Client1
Attacker AP
2.4 GHz
Info Measurements Info Resources
SNMP MIB A collection of objects that can be
accessed via a network management protocol
System Log Event/Trap Captures
Wireless Capture
Info Measurements Info Collection Tools
Hardware Cisco Access Point Cisco Wireless Card
Software Visual Studio Net SNMP AiroPeek Netstumbler
MIB Collection & Storage
SysLog
Data Analysis Measurement Based Analysis Correlate Parameters w/ Events
Contention Interference RF Interference Wireless Intrusion Wireless DoS Attack
Sample Experiments Contention Interference
CS AP
Client1
Test AP
Client2
Chl 9
Chl 9
MIB
Contention Interference MIB
dot11ACKFailureCount.1 dot11FailedCount.1 dot11FCSErrorCount.1 dot11FrameDuplicateCount.1 dot11MulticastTransmittedFrameCount.1 dot11MultipleRetryCount.1 dot11RTSFailureCount.1 dot11TransmittedFrameCount.1
Contention Interference
dot11ACKFailureCount.1
0
20
40
60
80
100
1 66 131
196
261
326
391
456
521
586
651
716
781
dot11FailedCount.1
0
20
40
60
80
100
1 66 131
196
261
326
391
456
521
586
651
716
781
Contention Interference
dot11FCSErrorCount.1
050
100150200250300350400
1 66 131
196
261
326
391
456
521
586
651
716
781
Contention Interference
dot11TransmittedFrameCount.1
0
100
200
300
400
500
600
1 66 131
196
261
326
391
456
521
586
651
716
781
Contention Interference
Contention Interferencedot11FrameDuplicateCount.1
0
2
4
6
8
10
1 65 129
193
257
321
385
449
513
577
641
705
769
833
dot11MulticastTransmittedFrameCount.1
0
5
10
15
20
25
1 65 129
193
257
321
385
449
513
577
641
705
769
833
dot11MultipleRetryCount.1
0
0.2
0.4
0.6
0.8
1
1 65 129
193
257
321
385
449
513
577
641
705
769
833
dot11RTSFailureCount.1
0
2
4
6
8
10
12
14
1 65 129
193
257
321
385
449
513
577
641
705
769
833
Sample Experiments Cordless Phone RF Interference
AiroPeek
Test AP
Client1
Chl 12.4
GHz
Cordless Phone RF Inter
Running Rate
0
5
10
15
20
25
30
35
40
45
0 500 1000 1500 2000 2500 3000
Cordless Phone RF Inter
Running Sum
0
500
1000
1500
2000
2500
3000
3500
57850 57900 57950 58000 58050 58100
Sample Experiments Intrusion Attack
AirJack DoS Attack
Void11
Future Works Real Time Automation Synchronize & Coordinate all info Extend to 802.16
Simulations Measurements
802.16 Protocol Layering
802.16 MIB Structure
802.16 MIB Structure
802.16 MIB Structure
802.16 MIB Structure
