| With the rapid development of modern information technology and the change of users’requirements, WLAN (Wireless Local Area Networks) which can be seen everywhere in daily life has taken a dominant place in wireless communication technology, by virtue of its mobility, flexibility, scalability and economy etc. Wireless signal almost covers all kinds of places, including office building, mall, school, airport, even bus and subway. People can search wireless signal nearby by their mobile terminal devices and build the connection between the device and access point, which makes Internet access more simple and convenient. People’s enthusiasm and demand for wireless technology prompts expanding its application fields greatly, while the technology’s degree of maturity lags far behind the demand for it. In consequence, many enterprises, organizations and individuals neglect the security risks when enjoying the efficient convenience and economic benefits which are brought by WLAN. Compared with wired communication, openness of wireless network, publicity of network environments, development of new technology and devices, as well as network disasters and emergencies has resulted in the situation that benefits and risks coexist in wireless communication.Therefore, in order to reinforce security control and guarantee safe operation to WLAN, it’s necessary to conduct a comprehensive attack effect evaluation on the network. We can look up the possible leaks depending on the evaluation result and take advantages of it to provide technical reference for the secure construction and stable operation of WLAN in the future.This paper proposes three models for WLAN attack evaluation by research of IEEE802.11standards, security protocols, typical attack methods and compare with traditional evaluation technology, including model based on index system, model based on attack tree and synthetical model. Firstly, according to the characteristics of WLAN, the index extraction principles is determined. Based on the principles, I build an index system consisting of target layer, attribute layer and index layer. The first model generates a qualitative evaluation result by the methods of AHP (Analytic Hierarchy Process) and Grey Clustering Assessment. Secondly, different from traditional evaluation models based on index system, the second model is based on attack tree that consists of state nodes, introducing attack complexity, security loss and attack level of completion to draw a conclusion for WLAN attack effect evaluation. Thirdly, derived from the idea of combining attack process and influence, qualitative and quantitative evaluation, synthetical evaluation model is proposed, which has the advantages of both first model and second model.At last, the system based on synthetical WLAN attack effect evaluation model is designed and implemented, including its architecture, detailed design of core modules and execution plan. The effectiveness of the evaluation model is proved by analyzing experimental results. |
PDF Full Text Request