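Graduate student: 蔡侑燐
Graduate student (English name): Yu-Lin Tsai
Thesis title: 分散式無線網路入侵偵測系統
Thesis title (English): Distributed Wireless Intrusion Detection System
Advisor: 廖宜恩
Degree: Master's
Institution: National Chung Hsing University (國立中興大學)
Department: Department of Computer Science and Engineering
Discipline: Engineering
Field: Electrical and computer engineering
Thesis type: Academic thesis
Graduation academic year: 96
Language: Chinese
Number of pages: 48
Keywords (translated from Chinese): wireless local area network; wireless access point; wireless network intrusion detection system
Keywords (English): wireless local area network; wireless access point; distributed wireless intrusion detection system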
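This thesis differs from traditional intrusion detection systems, which address intrusions arriving over wired networks. The wireless intrusion detection system we built is meant to detect intruders who, in a wireless environment, break into the local area network (LAN) through a wireless access point. We therefore modify the firmware of the wireless access point (AP) so that the AP acts as an intrusion-detection sensor, and we focus detection on wireless LANs based on the 802.11 standard, currently the most widely used. This thesis proposes a distributed wireless intrusion detection system that combines the advantages of centralized and distributed architectures: multiple APs collect and analyze data, and the results are then handed to a distributed intrusion detection coordinator for further analysis and control. The system implementation and experimental results show that the system can indeed effectively detect wireless network intrusions.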
As the number of wireless local area networks (WLANs) that conform to the IEEE 802.11 standards grows at an unprecedented rate, the security threats from WLANs raise concerns not only among users but also among network administrators.
In this thesis, we propose a distributed wireless intrusion detection system (DWIDS) for 802.11 WLANs. The proposed system is a hybrid of distributed and centralized architectures. In wireless networks, intruders may attack a WLAN via a wireless access point (AP). Therefore, APs can be used as distributed sensors that detect intrusions in the first place. To do so, we modified the firmware of the AP and installed Snort-wireless and Kismet on the AP to collect and analyze data. The analyzed data from different APs are then sent to the DWIDS coordinator for further processing. The implementation and experimental results show that the proposed system indeed detects several types of intrusions from the WLAN.
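Abstract (Chinese)
Abstract
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Background and Motivation
1.2 Problem Description
1.3 Main Contributions of the Thesis
1.4 Thesis Organization
Chapter 2 Related Work
2.1 Survey of Intrusion Detection System Research
2.1.1 Methods of Intrusion Attacks
2.1.2 Principles of Intrusion Detection Systems
2.1.3 Classification of Intrusion Detection Systems
2.1.4 Distributed Intrusion Detection Systems (DIDS)
2.1.5 Commonly Used Evaluation Datasets
2.2 WLAN and AP
2.2.1 IEEE 802.11
2.2.2 Open Source Firmware on the AP and Its Compilation
2.2.3 Open Source Detection Software on the AP
Chapter 3 System Design and Architecture
3.1 System Architecture
3.2 System Components
3.2.1 Collection Agent
3.2.2 Distributed Wireless Intrusion Detection Agent
3.2.3 Distributed Wireless Intrusion Detection Coordinator
3.3 Intrusion Detection Methods
3.4 System Flow
Chapter 4 Experimental Environment and Results
4.1 Development Tools and Environment
4.2 Experimental Environment Setup
4.3 Experiments and Results
4.3.1 Experiment 1: Detection of the Netstumbler Attack
4.3.2 Experiment 2: Detection of the Deauthentication Attack
4.3.3 Experiment 3: Detection of the MAC Spoofing Attack
4.3.4 Experiment 4: DARPA Dataset Test
4.4 Experimental Analysis and Performance Evaluation
Chapter 5 Conclusions and Future Research Directions
5.1 Conclusions
5.2 Future Research Directions
References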