Wireless Intrusion Detection System Proof of Concept Leon & Yunhai

Agenda Project Review Info Measurements Data Analysis Sample Experiments Future Works

Project Review

Internet MIB IDS MIB

Attacker AiroPeek CS AP Project Review Internet IDS MIB, SysLog Client1 Attacker AP 2.4 GHz

Info Measurements Info Resources SNMP MIB A collection of objects that can be accessed via a network management protocol System Log Event/Trap Captures Wireless Capture

Info Measurements Info Collection Tools Hardware Cisco Access Point Cisco Wireless Card Software Visual Studio Net SNMP AiroPeek Netstumbler

MIB Collection & Storage

SysLog

Data Analysis Measurement Based Analysis Correlate Parameters w/ Events Contention Interference RF Interference Wireless Intrusion Wireless DoS Attack

Sample Experiments Contention Interference CS AP Client1 Test AP Client2 Chl 9 MIB

Contention Interference MIB dot11ACKFailureCount.1 dot11FailedCount.1 dot11FCSErrorCount.1 dot11FrameDuplicateCount.1 dot11MulticastTransmittedFrameCount.1 dot11MultipleRetryCount.1 dot11RTSFailureCount.1 dot11TransmittedFrameCount.1

Contention Interference

Sample Experiments Cordless Phone RF Interference AiroPeek Test AP Client1 Chl GHz

Cordless Phone RF Inter

Sample Experiments Intrusion Attack AirJack DoS Attack Void11

Future Works Real Time Automation Synchronize & Coordinate all info Extend to Simulations Measurements

Protocol Layering

MIB Structure