Adding WiFi sensors to the infrastructure: Linksys Access Points run as “Kismet drones” passively monitoring all 802.11 and report wireless frames over.

Presentation transcript:

SN Bench Case Studies: Wireless Network Security & Floor-Plan Flow Analysis
Michael Ocean, Azer Bestavros and Assaf Kfoury

The SN Bench is designed to promote research, both intrinsic (within the snBench) and extrinsic (running on the snBench).

1. New sensing hardware, modalities (e.g., data types) or functional abilities require a simple Java class (interface) implementation.
   - A wireless network intrusion detection (WNID) system is just a specialized instance of a Sensor Network, so we added WNID to the snBench.
   - snBench with WNID enables features beyond other WNID systems, specifically multi-modal detection and response (e.g., use both wifi sensors and video sensors).
2. We have used the snBench within a graduate Software Engineering Class for the last two years.
   - A group of graduate students have implemented motion detection and motion vector tracking functionalities to facilitate floor plan flow analysis.

Adding Network Intrusion Detection

Adding WiFi sensors to the infrastructure
- Linksys Access Points run as “Kismet drones” passively monitoring all 802.11 and report wireless frames over Ethernet.
- Added new GenericSensor instance to the SXE to provide KismetSensor as a “first class” sensor device. Kismet server process interprets drone’s results and detects “ALERT” events via (published) UDP protocol.
  - DEAUTHFLOOD, DISASSOCTRAFFIC, etc.
  - Packet analysis can be run on the AP, but performance (and extensibility) improves when processed elsewhere.
- New functionalities added to read KismetSensor as a snStruct. Other processors can be plugged in and customized to detect different attacks/events (flag “any traffic from sender X”, etc).

Experiment environment: CS Graduate Research Lab
- Linksys Access Points imaged with OpenAP Linux and Kismet
- Axis Pan-Tilt-Zoom on a dedicated gigabit network
- Crossbow motes, servers, compute node, 750GB SQL server, etc.

WNID in SNAFU

Notification on detected intrusion:

    letonce WIFIPKT = DetectWifiAlertEvent(Sensor) in
    leteach SRC = WIFIPKT.getfield("MAC") in
    level_trigger(
      not(isnil(WIFIPKT)),
      concat($NOW$, ":Found banned MAC", SRC, " at", WIFIPKT.getfield("time")))

Build a MAC blacklist on detected intrusion:

    level_trigger(
      not(contains(SQL.get("BLACKLIST"), SRC)),
      SQL.put("BLACKLIST", SRC))

Take a picture when a wireless intruder is detected:

    level_trigger(
      contains(SQL.get("BLACKLIST"), SRC),
      SQL.put("wifi_intrusion_$EVAL_COUNT$",
        drawstring(concat("MAC ", SRC),
          snapshot(findadjacentsensor("Image", WIFIPKT.getfield("SOURCE_AP"))))))

Forcibly disassociate a blacklisted user whenever detected:

    level_trigger(
      not(isnil(WIFIPKT)),
      SendDisassociate(WIFIPKT.getfield("BASESTATION"), SRC))

Results & Future Work

Simulated attacks with open-source tools (AirJack, Netstumbler) were detected and responses processed in an average of 2.8 seconds in polling mode on un-optimized code (e.g., debug mode).
- Quick optimizations reduced processing time to 550ms.
- Anything under 30 seconds is likely acceptable for intrusion response time – “I did it, now run!”

findadjacentsensor does not move the PTZ cameras.
- Use signal strength to improve captured image by moving the cameras to the best vantage point and take an image from all applicable sensors.

Implement SendDisassociate() and DetectWifiCommEvent() to take defensive action against an attacker.

Image Processing on the SN Bench

As part of a Software Engineering class, a group of Masters students in the Image and Video Computing group added new operations (STEP functions) to the SXE core library.

- BlobDetect(snImage): Find differences between the current image and the image that was run with previously and return the number of blobs detected in the image.
- BlobDraw(snImage): Find differences between the current image and the image that was run with previously and draw bounding boxes around the blobs detected in the image.
- PeopleDetect(snImage, MotionVector):
  - Every blob moving in the same direction as the MotionVector increases value by 1.
  - Every blob moving against the MotionVector decreases value by 1.
- MakeTable(snPair(timestamp, value)): Create (or update) an image of a line graph to include a value with height “value” at time “timestamp”.

Results & Demo

STEP Graph: (image from STEP IDE)
Results: (images from live run)
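
Added example (not from the poster or the snBench code base): a Python model of the chain the WNID sections describe, from deauthentication frames seen by a drone to a DEAUTHFLOOD alert, a one-time blacklist entry, and a snapshot request to the camera adjacent to the reporting AP. The window, threshold, `subtype` field, AP-to-camera map and all sample frames are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

WINDOW_S = 10.0   # assumed sliding window, in seconds
THRESHOLD = 5     # assumed deauth frames per window that count as a flood
ADJACENT_CAMERA = {"ap-lab-1": "ptz-cam-1"}  # hypothetical AP -> camera map

class WnidProcessor:
    """Consumes frame records from the drones; records alerts and responses."""
    def __init__(self):
        self.recent = defaultdict(deque)  # source MAC -> recent deauth timestamps
        self.blacklist = set()            # stands in for the SQL "BLACKLIST" entry
        self.actions = []                 # ordered record of what was triggered

    def feed(self, frame):
        src = frame["MAC"].lower()        # normalise so case variants match
        now = frame["time"]
        if frame["subtype"] == "deauth":
            seen = self.recent[src]
            seen.append(now)
            while now - seen[0] > WINDOW_S:   # drop timestamps outside the window
                seen.popleft()
            if len(seen) >= THRESHOLD and src not in self.blacklist:
                self.actions.append(("alert", "DEAUTHFLOOD", src, now))
                self.blacklist.add(src)       # blacklist each MAC only once
        if src in self.blacklist:             # level trigger: checked on every frame
            cam = ADJACENT_CAMERA.get(frame["SOURCE_AP"])
            if cam is None:                   # AP with no camera mapped next to it
                self.actions.append(("no_camera", frame["SOURCE_AP"], src))
            else:
                self.actions.append(("snapshot", cam, f"MAC {src}"))

def mk_frame(t, mac, subtype, ap="ap-lab-1"):
    return {"time": t, "MAC": mac, "subtype": subtype, "SOURCE_AP": ap}

# Constructed sample: a slow sender, a burst from a second sender, then one data frame.
SAMPLE = (
    [mk_frame(t, "02:00:00:00:00:01", "deauth") for t in (0, 20, 40, 60, 80)]
    + [mk_frame(100 + 0.5 * i, "02:00:00:00:00:AA", "deauth") for i in range(5)]
    + [mk_frame(110, "02:00:00:00:00:aa", "data", ap="ap-lab-2")]
)

def run_sample():
    proc = WnidProcessor()
    for f in SAMPLE:
        proc.feed(f)
    return proc
```

The slow sender never reaches the threshold, so only the burst is alerted on and blacklisted; the later data frame from the same MAC at an AP with no mapped camera is recorded as `no_camera` rather than dropped.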