Wireless intrusion detection and response: a classic study using main-in-the-middle attack

Author

Schmoyer, Timothy R. ; Lim, Yu Xi ; Owen, Henry L.

Author_Institution

Sch. of Electr. & Comput. Eng., Georgia Inst. of Technol., USA

Volume

2

fYear

2004

fDate

21-25 March 2004

Firstpage

883

Abstract

Intrusion detection and countermeasures response is an active area of research. In this paper, we examine integrating an intrusion detection engine with an active countermeasure capability. We use a classic man in the middle attack as a case study to specify the integrated wireless intrusion detection capability with the active countermeasure response. We present a case study in dynamically defending against an example attack in an 802.11 infrastructure basic service set by combining the concepts for a distributed wireless intrusion detection and response system architecture with adaptive response strategies based on alarm confidence, attack frequency, assessed risks, and estimated response costs. We also include a description of a tool kit we have implemented to prototypically test and evaluate our concepts.

Keywords

telecommunication security; wireless LAN; IEEE 802.11; WLAN; active countermeasure capability; adaptive response strategies; alarm confidence; assessed risks; attack frequency; main-in-the-middle attack; response costs; wireless LAN; wireless intrusion detection; wireless security; Ad hoc networks; Communication system security; Computer aided software engineering; Engines; Frequency estimation; Intrusion detection; Local activities; Monitoring; Prototypes; Wireless networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Wireless Communications and Networking Conference, 2004. WCNC. 2004 IEEE

ISSN

1525-3511

Print_ISBN

0-7803-8344-3

Type

conf

DOI

10.1109/WCNC.2004.1311303

Filename

1311303