分布式无线入侵防御系统预先决策引擎研究

doi:10.3969/j.issn.1000-0801.2010.10.020

Abstract

Abstract:

Nowadays wireless intrusion prevention systems have become the research hotspot with the fast development of WLAN. In this paper，we first introduce the common attack methods for WLAN，and then present the framework of the wireless IPS with a distributed pre-decision engine，which can predict the future actions and direct active responses to these actions. We implement an improved model with extended detection rules for conducting intrusion plan and making pre-decision，by gathering wireless device information and importing supporting degree of intrusion plan in plan recognition. Experimental results showed that the distributed pre-decision engine can not only improve wireless intrusion detection and prevention performance，also reduce false negatives and false positives evidently.

Key words: intrusion prevention system, plan recognition, detection rule, network security

Guanlin Chen,Yan Feng,Zebing Wang. Research of Distributed Pre-Decision Engine in Wireless Intrusion Prevention Systems[J]. Telecommunications Science, 2010, 26(10): 80-86.

Figures/Tables 7

References 12

1	中国互联网络信息中心（CNNIC）. 第25 次中国互联网络发展状况统计报告，， 2010
2	Ken Hutchison . Wireless intrusion detection systems，
3	杨哲 . 无线网络安全攻防实战-Bchord. 北京电子工业出版社， 2008
4	吴海燕，蒋东兴，程志锐 . 入侵防御系统研究-Bchord. 计算机工程与设计， 2007,28（24）： 5844～5846
5	李庆超，邵志清 . 无线网络的安全架构与入侵检测的研究-Bchord. 计算机工程， 2005,31（3）： 143～145
6	Wen-Chuan Hsieh ， Chi-Chun Lo ， Jing-Chi Lee . The implementation of a proactive wireless intrusion detection system. In：The Fourth International Conference on Computer and Information Technology, Wuhan，China 2004
7	Henry Kautz ， . A formal theory of plan recognition. Rochester：University of Rochester, Portland Oregon，USA,August 30—September 3 1987
8	龙小飞，冯雁，王瑞杰 . 网络入侵检测系统预先决策检测引擎研究（. 浙江大学学报（工学版）, 2006,10（40）： 1701～1704
9	Guanlin Chen ， Hui Yao ， Zebing Wang . An intelligent WLAN intrusion prevention system based on signature detection and plan recognition. In：Proceedings of the Second International Conference on Future Networks（ICFN 2010）, Sanya 2010
10	姜云飞，马宁 . 一种基于规划知识图的规划识别算法. 软件学报， 2002,4（13）： 686～692
11	Goldman R P ， Geib C W . Plan recognition in intrusion detection systems. In：Proceedings of DARPA Information Survivability Conference and Exposition（DISCEX）, Anaheim， 2001
12	陈观林，王泽兵，冯雁 . 智能化网络入侵检测模型的研究. 计算机工程与应用， 2005,41（16）： 146～149

Metrics

Recommended 0

No Suggested Reading articles found!

规则选项	语法格式
channel	channel：[！]＜number＞
signal	signal strength：[！]＜number＞
source_address	source_address：[！]＜number＞
dest_address	dest_address：[！]＜number＞
encryption	encryption：[！]TRUE\|FALSE
injection	injection：[！]TRUE\|FALSE
protected	protected：[！]TRUE\|FALSE
privacy	privacy：[！]TRUE\|FALSE
wpa	wpa：[！]TRUE\|FALSE\|ON\|OFF
data	data：[！]＜number＞

部署系统		识别的攻击行为
部署系统	类别数量	攻击方法
DPDE原型系统	8	所有8类攻击方法
Snort-Wireless	4	War Driving、DoS、Rogue AP、MAC Spoofing

[1]	Le ZHANG, Hongyuan MA. Practice on edge cloud security of telecom operators [J]. Telecommunications Science, 2023, 39(4): 165-172.
[2]	Weixiong CHEN, Xiaochen YANG, Zengjun CHUN, Ruolan LI, Hua ZHANG. Research and practice of network security threat intelligence management system for power enterprise [J]. Telecommunications Science, 2022, 38(7): 184-189.
[3]	Yatian LIU, Bowen HU, Maofei CHEN, Dongxin LIU. Study on the 5GC security situational awareness system [J]. Telecommunications Science, 2022, 38(11): 73-85.
[4]	Yue GU, Dan LI, Kaihui GAO. Research on network traffic classification based on machine learning and deep learning [J]. Telecommunications Science, 2021, 37(3): 105-113.
[5]	Ming GAO,Jin LUO,Huiying ZHOU,Hai JIAO,Lili YING. A differential feedback scheduling decision algorithm based on mimic defense [J]. Telecommunications Science, 2020, 36(5): 73-82.
[6]	Zhiqiang YANG,Li SU,Minpeng QI,Bo YANG. Overview and prospect of 5G security [J]. Telecommunications Science, 2020, 36(12): 1-19.
[7]	Guofeng HE. Application protection in 5G cloud network using zero trust architecture [J]. Telecommunications Science, 2020, 36(12): 123-132.
[8]	Ping XIE,Xiaosong LIU. Security of the deployment of SDN-based IoT using blockchain [J]. Telecommunications Science, 2020, 36(12): 139-146.
[9]	Yuanying XIAO,Yaodong YOU,Lixi XIANG. Causes and optimization of the false alarm rate of code review system [J]. Telecommunications Science, 2020, 36(12): 155-162.
[10]	Hang YU,Shuai WANG,Huamin JIN. RASP based Web security detection method [J]. Telecommunications Science, 2020, 36(11): 113-120.
[11]	Junwen WANG. Technical requirement of future industrial internet [J]. Telecommunications Science, 2019, 35(8): 26-38.
[12]	Cong LI, Bo LEI, Chongfeng XIE, Yunhe LI. Trustworthy network based on blockchain technology [J]. Telecommunications Science, 2019, 35(10): 60-68.
[13]	Jianquan WANG,Zhangchao MA,Xinzhong LI,Lei SUN,Changwei HU. Quantum secure communication network architecture and mobile application solution [J]. Telecommunications Science, 2018, 34(9): 10-19.
[14]	. Interestmeasurement and system construction of personal information protectionLI Meiyan [J]. Telecommunications Science, 2018, 34(8): 160-166.
[15]	Qi LIANG. Security＆ safety protection solution of ICS [J]. Telecommunications Science, 2018, 34(4): 144-150.

Research of Distributed Pre-Decision Engine in Wireless Intrusion Prevention Systems

RichHTML

PDF下载

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 7

References 12

Related Articles 15

Metrics

Recommended 0