HỆ THỐNG PHÁT HIỆN XÂM NHẬP CHO MẠNG KHÔNG DÂY DỰA TRÊN PHẦN MỀM NGUỒN MỞ
Abstract
WLAN (Wireless Local Area Network) have become ubiquitous in today's world. With a capability providing “over-the-air” connections, WLANmay be the best choice for accessing Internet anytime and anywhere without heavy investment in infrastructure. In recent times, insecure wireless networks have been exploited to break into companies, banks, and government organizations. The frequency of these attacks has intensified. Therefore, it is very necessary and important to deploy a Wireless Intrusion Detection System (WIDS). Unfortunately, WIDS is usually very expensive, hard to customize and expand. This paper aims at proposing an effective alternative solution to deploy WIDS, which completely bases on open source software and customer-level network devices with low cost. This WIDS solution offers many edge features which are only found in expensive devices. These fearures include inside/outside wireless attack detecting, SMS alerting, and database supporting.
Tóm tắt
Article Details
Tài liệu tham khảo
ARUBA networks, 2013. Integrating Wired IDS with Wi-Fi Using Open-Source IDS to Complement a Wireless IDS/IPS Deployment.
Champ Clark III, 2014. Building Wireless IDS system using open source, http://sagan.quadrantsec.com/papers/wireless-ids/, assessed on 02/06/2014.
Cisco, 2014. Cisco Licensing and Ordering Guide, http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd804b4646.html, assessed on 02/06/2014.
Cisco, 2014. Cisco Unified Wireless Network, http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/secwlandg20/ch4_2_SPMb.html, assessed on 02/06/2014.
Dice Holdings, 2014. SourceForge: Daemonlogger, http://sourceforge.net/projects/daemonlogger/, accessed on 19/5/2014.
Geminicomputersinc, 2014. CSC-AIRLAP1261NAK9, http://www.geminicomputersinc.com/csc-airlap1261nak9.html, accessed on 19/5/2014.
Grant Wilson, 2001. OSI Defense in Depth to Increase Application Security, http://www.giac.org/paper/gsec/2868/osi-defense-in-depth-increase-application-security/10484, assessed on 02/06/2014.
Hossein Bidgoli, 2006. The Handbook of Information Security. John Wiley & Sons, Inc.
Jason Murray, 2014. An Inexpensive Wireless IDS using Kismet and OpenWRT, http://www.sans.org/reading_room/whitepapers/detection/inexpensive-wireless-ids-kismet-openwrt_33103, assessed on 02/06/2014.
John Bellardo and Stefan Savage, 2003. 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions. Department of Computer Science and Engineering, University of California at San Diego.
Martin Roesch, Chris Green, 2014. SNORT Users Manual, http://manual.snort.org/, assessed on 02/06/2014.
Mike Kershaw, 2014. Kismet Documentation, http://www.kismetwireless.net/documentation.shtml, assessed on 02/06/2014.
Nathan Einwechter, 2010. An Introduction To Distributed Intrusion Detection Systems, http://www.symantec.com/connect/articles/introduction-distributed-intrusion-detection-systems, assessed on 02/06/2014.
Network Hardware Australia. 2014, Cisco Wireless Control System, http://www.networkhardware.net.au/cisco-wcsapbase50-p-15452.html?utm_term=CISCO+WCS+APBASE+50&utm_campaign=Network+Products&utm_medium=cpc&utm_source=myshopping, accessed on 19/5/2014.
OpenWrt, 2014. OpenWrt: Wireless Freedom, https://openwrt.org/, accessed on 19/5/2014.
Prabhaker Mateti, 2005. Hacking Techniques in Wireless Networks, http://cecs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks.htm, assessed on 02/06/2014
Rafeeq Ur Rehman, 2003. Intrusion Detection Systems with Snort: Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID.
Router-switch Ltd, 2014. AIR-WLC4402-12-K9, http://www.router-switch.com/air-wlc4402-12-k9-p-4378.html, accessed on 17/3/2014.