Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

Design and implementation of an embedded intrusion detection system for wireless applications

Design and implementation of an embedded intrusion detection system for wireless applications

For access to this article, please select a purchase option:

Buy article PDF
£12.50
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Name:*
Email:*
Your details
Name:*
Email:*
Department:*
Why are you recommending this title?
Select reason:
 
 
 
 
 
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

The exponential growth in wireless network faults, vulnerabilities and attacks makes the wireless local area network (WLAN) security management a challenging research area. In this study, a new embedded wireless intrusion detection system (WIDS) is designed and implemented in order to protect a multi-services wireless network. The proposed WIDS must be in small size in order to be integrated in different wireless devices, low cost in order to be placed in many places and has good performance to cover the data rate of the WLAN. All these attributes are achieved by network processor, and Ubicom network processor is used to implement the proposed WIDS. Different implementations of the proposed intrusion detection system are suggested and various searching algorithms are tested on an experimental platform. Finally, the WIDS approach is validated by experimenting with ten different types of attacks. The experimental results obtained from this work indicate that the proposed WIDS can worked efficiently at IEEE 802.11b WLAN network which provides different services to its clients with data rate ranges between 1.08 and 9.24 Mbps, and memory capacity of 250 rules.

References

    1. 1)
      • Yang, H., Xie, L., Sun, J.: `Intrusion detection solution to WLANs', Proc. Sixth IEEE Circuits and Systems Symp. Emerging Technologies: Emerging Technologies: Frontiers of Mobile and Wireless Communication, 2 June 2004.
    2. 2)
      • Boyer-Moore algorithm: Web Site: http://www-igm.univ-mlv.fr/~lecroq/string/node14.html.
    3. 3)
      • Kim, Y., Jung, B., Lim, J., Kim, K.: `Processing of multi-pattern signature in intrusion detection system with content processor', Sixth Int. Conf. Information, Communications & Signal Processing, 10–13 December 2007.
    4. 4)
      • Y. Wang , H. Kobayashi . High performance pattern matching algorithm for network security. Int. J. Comput. Sci. Netw. Secur. , 10 , 83 - 87
    5. 5)
      • Charitakis, I., Pnevmatikatos, D., Markatos, E., Anagnostakis, K.: `Code generation for packet header intrusion analysis on the IXP1200 network processor', Seventh Int. Workshop on Software and Compilers for Embedded Systems, September 2003, Vienna, Austria.
    6. 6)
      • H. Song , W. John . Efficient packet classification for network intrusion detection using FPGA.
    7. 7)
      • C. Lovis , H. Robert . Fast exact string pattern-matching algorithms adapted to the characteristics of the medical language.
    8. 8)
      • Aldwairi, M.: `Hardware-efficient pattern matching algorithm and architectures for fast intrusion detection', 2006, PhD, North Carolina State University, Computer Engineering Dept..
    9. 9)
      • Herbert, B., Kaiming, H.: `A network intrusion detection system on IXP1200 network processors with support for large rule sets', Technical Report, 2004.
    10. 10)
      • Münz, G., Weber, N., Carle, G.: `Signature detection in sampled packets', Second Workshop on Monitoring, Attack Detection and Mitigation, 5–6 November 2007, Toulouse, France.
    11. 11)
      • UBICOM: ‘IP2022 wireless network processor features and performance optimized for network connectivity IP2022 data sheet’, Inc., 22 January 2009, http//www.ubicom.com.
    12. 12)
      • UBICOM: ‘IP3000/IP2000 family software development kit reference manual’, Inc., 28 June 2005, http//www.ubicom.com.
    13. 13)
      • S. Ryu , B. Chung , K. Kim . (2006) Incorporating intrusion detection functionality into 1XP2800 network processor based router.
    14. 14)
      • UBICOM: ‘IP2022 Internet processor product brief’, Inc., 2001, http//www.ubicom.com.
    15. 15)
      • M. Matt . (2006) Wireless intrusion detection systems (WIDS): protecting the wireless perimeter.
    16. 16)
      • Salim, R., Radha, G.: `Software-based packet classification in network intrusion detection system using network processor', IEEE Region 10 Conf. TENCON, 14–17 November 2006.
    17. 17)
      • Grant, A.: `Battery-based intrusion detection', 12 April 2005, Master, Virginia Polytechnic Institute and State University, Computer Engineering Dept., Blacksburg, Virginia.
    18. 18)
      • Sheu, T., Huang, N., Lee, H.: `A time- and memory-efficient string matching algorithm for intrusion detection systems', Global Telecommunications Conf., 1 December 2006.
    19. 19)
      • Matyas, A., Moore, J.: `String searching over small alphabets', Technical Report, 11 December 2007.
    20. 20)
      • Zhao, K., Chu, J., Che, X., Lin, L., Liang, H.: `Improvement on rules matching algorithm of snort based on dynamic adjustment', Second Int. Conf. Anti-counterfeiting, Security and Identification, 20–23 August 2008.
    21. 21)
      • Domenico, M., Calandriello, G., Lioy, A.: `A wireless distributed intrusion detection system and a new attack model', Proc. 11th IEEE Symp. Computers and Communications, 26–29 June 2006.
    22. 22)
      • Tuck, N., Sherwood, T., Calder, B., Varghese, G.: `Deterministic memory-efficient string matching algorithms for intrusion detection', Twenty-third Annual Joint Conf. IEEE Computer and Communications Societies, 7–11 March 2004, 4, p. 2628–2639.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2010.0245
Loading

Related content

content/journals/10.1049/iet-ifs.2010.0245
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
This is a required field
Please enter a valid email address