The Research Of Intrusion And Monitoring Based On Wireless Network

With the rapid development of computer network technology,the application area of wireless network has been spreading throughout all walks of life.It has become a new trend of future network technology development.Meanwhile,it provides a new platform and means for computer criminals.In recent years,the rapid growth in computer crime cases based on wireless network is bound to bring new challenges for the case investigations of Network Security Monitoring Department.In WLAN environment,how to monitor criminal behaviours in real time and obtain evidences actively for the case investigations has become a new issue that should be solved in computer forensics field.In WLAN,wireless signal can be received by any wireless devices within its coverage because data is transmitted by radio frequency.IEEE 802.11 drawed up WEP protocol in order to solve the security issue,but WEP protocol only guarantees wireless network security to some extent.By analyzing IEEE 802.11 protocol in the paper,some significant loopholes existing in WEP protocol were found.Then based on the scheme of capturing,filtering and analyzing IEEE 802.11 frames,the algorithm based on significant loopholes for cracking WEP protocol key was put forward.In order to invade and monitor the certain computers,by analyzing the existing forensic tools and approaches,and combining the key technology that the popular trojan horse used now,the paper proposed a complete framework of remote monitoring based on trojan horse mechanism.The framework focused on analysis of the process of hiding,covert communication,self-booting technology and triple-thread structure.Then combined with practical requirements,several functions were designed in detail,such as file management,screen monitoring and video monitoring.Besides,the encoding algorithm about screen pictures was put forward in order to minimize the system and network resources occupied by the program.Finally,the crack algorithm and framework of remote monitoring were implemented in Microsoft Visual C++ 6.0 Platform.Experimental results show that the crack algorithm of WEP was of high crack speed and success rate,and achieved expected effect.Moreover,the forensic scheme was of high reliability and strong survival ability,and achieved the purpose of obtaining evidences in real time and actively for case investigations.