POPL '83 Proceedings of the 10th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Log Auditing through Model-Checking
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
The Final Nail in WEP's Coffin
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
802.11 denial-of-service attacks: real vulnerabilities and practical solutions
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
The temporal logic of programs
SFCS '77 Proceedings of the 18th Annual Symposium on Foundations of Computer Science
A sophisticated solution for revealing attacks on wireless LAN
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Sequence number-based MAC address spoof detection
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
The ORCHIDS intrusion detection tool
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Hi-index | 0.00 |
In recent years, wireless equipment and services have become close to ubiquitous. Unfortunately, these services are more often than not ill configured security-wise, with minimal protection against potentially damaging attacks. To alleviate this problem, intrusion detection techniques may be used to help identify suspicious behaviour and counter intrusion attempts. In this paper, we describe an extension to the Orchids intrusion detection tool, aimed at detecting intrusions in wireless networks. First, an event analysis module specialized for 802.1 wireless network events has been developed and integrated into Orchids. Next, a number of known attacks (e.g., deauthentication flooding, rogue access points and ChopChop) were modelized and described using declarative signatures. Then, within a simplified but realistic environment, the attacks were reenacted and successfully detected. To our knowledge, our team is the first to detect the ChopChop attack.