Title :
A novel classification scheme for 802.11 WLAN active attacking traffic patterns
Author :
Zhou, Wenzhe ; Marshall, Alan ; Gu, Qiang
Author_Institution :
Sch. of Electr. & Electron. Eng., Queen´´s Univ., Belfast
Abstract :
In 802.11 WLANs, active intrusion attacks on the MAC layer causes changes in the management frame distributions. This paper focuses on detecting intrusions by analyzing the management traffic patterns. Experimental results are presented that describe the patterns generated by two well-known active attacks on 802.11 WLANs: deauthentication denial-of service (DoS) and man-in-the-middle (MITM). By clustering the management frame bursts over a certain period of time, we observe that the active attacking traffic patterns can be classified through calculation of a cluster content value (CCV). Our results show that when any station in a WLAN experiences clustering in its management traffic distribution, the CCV can be used to detect and classify the attacks the station is experiencing
Keywords :
computer network management; telecommunication security; telecommunication traffic; wireless LAN; 802.11 WLAN; MAC layer; active attacking traffic patterns; classification scheme; cluster content value; deauthentication denial-of service; man-in-the-middle; management frame distributions; management traffic patterns; Access protocols; Computer crime; Computer hacking; Cryptography; Data security; Intrusion detection; Pattern analysis; Telecommunication traffic; Traffic control; Wireless LAN;
Conference_Titel :
Wireless Communications and Networking Conference, 2006. WCNC 2006. IEEE
Conference_Location :
Las Vegas, NV
Print_ISBN :
1-4244-0269-7
Electronic_ISBN :
1525-3511
DOI :
10.1109/WCNC.2006.1683541
