A Study on Signature-based Wireless Intrusion Detection Systems

  • Park, Sang-No (Department of Computer Engineering, Paichai University)
  • Kim, A-Yong (Department of Computer Engineering, Paichai University)
  • Jung, Hoe-Kyung (Department of Computer Engineering, Paichai University)
  • Received: 2013.12.22
  • Accepted: 2014.01.29
  • Published: 2014.05.31

Abstract

Wireless LANs are now common in offices, stores, and schools because they are economical, flexible, and easy to install, because smart devices have become widespread, and because deploying an AP (Access Point) has become simple. Because a wireless LAN uses air as its transmission medium, it is always exposed to security threats anywhere its radio waves reach, and it brings new security threats such as rogue AP installation, policy-violating APs, packet monitoring, unauthorized access to APs, connections to external APs and services, wireless network sharing, and MAC address spoofing. In this paper, we propose a method for developing a wireless intrusion detection system using signature-based Snort. We carry out mock hacking with publicly available hacking tools and verify the suitability of the paper experimentally by testing whether Snort detects the attacks launched with those tools.
