| Following the wired networks, the flexibility, capability, and economics of wireless local area network is a new research focus of Computer Network field. Because of the open of WLAN and the vulnerability of protocol, it is easy to eavesdrop, intrude upon and attack WLAN. Security problem becomes one most primary obstacle on WLAN development way.Intrusion Detection System is a network security system protects network resource actively. Firewall could prevent unauthorized users from accessing sensitive data. It protects network inner resource on network edge. But there is no network edge exists in WLAN, any attack is started interior directly. IDS is a bottom line which keep network attack away. It could detect attacks come from inner network.Because of WLAN particular circumstance, some applications of traditional LAN IDS are no longer fit WLAN. And new attacks to WLAN are increasing. Therefore this paper researches Intrusion Detection ways under WLAN environment and proposes a WLAN IDS security solution.This paper researches IEEE 802.11 protocol of WLAN security mechanism deeply, analyze vulnerabilities of Wired Equivalent Privacy and attacks to them in detail, such as key stream reuse, message authentication, message decryption and so on. This paper researches kinds of attack to vulnerabilities of WLAN security mechanism, such as War driving attack, spoof attack and denial of service attack and so on. Finally, this paper builds a WLAN IDS model, and proposes behavior analysis detection and statistic analysis detection two detection ways. Further more, this paper provides realization arithmetic.Intrusion Detection model based WLAN could detect most known threat and part unknown threat to WLAN. It improves traditional IDS functioning at upper protocol layer which is helpless to OSI lower layer of WLAN. |
PDF Full Text Request