A new niche of densely populated, unprotected networks is becoming more prevalent in public areas such as Shopping Malls, defined here as independent open-access networks, which have attributes that make attack detection more challenging than in typical enterprise networks. To address these challenges, new detection systems which do not rely on knowledge of internal device state are investigated here. This paper shows that this lack of state information requires an additional metric (The exchange timeout window) for detection of WLAN Denial of Service Probe Flood attacks. Variability in this metric has a significant influence on the ability of a detection system to reliably detect the presence of attacks. A parameter selection method is proposed which is shown to provide reliability and repeatability in attack detection in WLANs. Results obtained from ongoing live trials are presented that demonstrate the importance of accurately estimating probe request and probe response timeouts in future Independent Intrusion Detection Systems.
|Title of host publication||IET International Conference on Wireless Communications and Applications (ICWCA 2012)|
|Number of pages||6|
|Publication status||Published - 2012|
|Event||The IET International Conference on Wireless Communications and Applications - Kuala Lumpur, Malaysia|
Duration: 08 Oct 2012 → 10 Oct 2012
|Conference||The IET International Conference on Wireless Communications and Applications|
|Period||08/10/2012 → 10/10/2012|