The effect of probe interval estimation on attack detection performance of a WLAN independent intrusion detection system

J. Milliken, V. Selis, K. M. Yap, A. Marshall

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

A new niche of densely populated, unprotected networks is becoming more prevalent in public areas such as Shopping Malls, defined here as independent open-access networks, which have attributes that make attack detection more challenging than in typical enterprise networks. To address these challenges, new detection systems which do not rely on knowledge of internal device state are investigated here. This paper shows that this lack of state information requires an additional metric (The exchange timeout window) for detection of WLAN Denial of Service Probe Flood attacks. Variability in this metric has a significant influence on the ability of a detection system to reliably detect the presence of attacks. A parameter selection method is proposed which is shown to provide reliability and repeatability in attack detection in WLANs. Results obtained from ongoing live trials are presented that demonstrate the importance of accurately estimating probe request and probe response timeouts in future Independent Intrusion Detection Systems.
Original languageEnglish
Title of host publicationIET International Conference on Wireless Communications and Applications (ICWCA 2012)
PublisherIET
Pages101-106
Number of pages6
ISBN (Print)978-1-84919-550-8
DOIs
Publication statusPublished - 2012
EventThe IET International Conference on Wireless Communications and Applications - Kuala Lumpur, Malaysia
Duration: 08 Oct 201210 Oct 2012

Conference

ConferenceThe IET International Conference on Wireless Communications and Applications
CountryMalaysia
CityKuala Lumpur
Period08/10/201210/10/2012

Keywords

  • WLAN
  • Probe
  • MAC
  • Intrusion

Fingerprint Dive into the research topics of 'The effect of probe interval estimation on attack detection performance of a WLAN independent intrusion detection system'. Together they form a unique fingerprint.

Cite this