SlideShare a Scribd company logo

A wireless intrusion detection system and a new attack model (synopsis)

Download as DOC, PDF
Mumbai Academisc
Mumbai Academisc

The document describes a proposed wireless intrusion detection system and new attack model. It begins by outlining vulnerabilities in mobile wireless networks like susceptibility to eavesdropping and interfering attacks. It then discusses the need for intrusion detection as prevention measures alone are insufficient. The proposed system uses a matching algorithm to compare observed network behaviors and detect anomalies indicative of intrusions. It analyzes evidence from multiple nodes to identify intruders, multicasts intruder addresses to neighbors, and routes data along paths free of detected intruders.

Technology
1 of 16
A wireless Intrusion detection system and a new attack model (Synopsis) 1
INTRODUCTION The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. The nature of mobility creates new vulnerabilities that do not exist in a fixed wired network, and yet many of the proven security measures turn out to be ineffective. Therefore, the traditional way of protecting networks with firewalls and encryption software is no longer sufficient. We need to develop new architecture and mechanisms to protect the wireless networks and mobile computing applications. Vulnerabilities of Mobile Wireless Networks The nature of mobile computing environment makes it very vulnerable to an adversary's malicious attacks. First of all, the use of wireless links renders the network susceptible to attacks ranging from passive eavesdropping to active interfering. Unlike wired networks where adversary must gain physical access to the network wires or pass through several lines of defense at firewalls and gateways, attacks on a wireless network can come from all directions and target at any node. Damages can include leaking secret information, message contamination, and node impersonation. All these mean that a wireless ad-hoc 2
network will not have a clear line of defense, and every node must be prepared for encounters with an adversary directly or indirectly. Second, mobile nodes are autonomous units that are capable of roaming independently. This means that nodes with inadequate physical protection are receptive to being captured, compromised, and hijacked. Since tracking down a particular mobile node in a global scale network cannot be done easily, attacks by a compromised node from within the network are far more damaging and much harder to detect. Therefore, mobile nodes and the infrastructure must be prepared to operate in a mode that trusts no peer. Third, decision-making in mobile computing environment is sometimes decentralized and some wireless network algorithms rely on the cooperative participation of all nodes and the infrastructure. The lack of centralized authority means that the adversaries can exploit this vulnerability for new types of attacks designed to break the cooperative algorithms. To summarize, a mobile wireless network is vulnerable due to its features of open medium, dynamic changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense. 3
The Need for Intrusion Detection Intrusion prevention measures, such as encryption and authentication, can be used in ad-hoc networks to reduce intrusions, but cannot eliminate them. For example, encryption and authentication cannot defend against compromised mobile nodes, which often carry the private keys. Integrity validation using redundant information (from different nodes), such as those being used in secure routing, also relies on the trustworthiness of other nodes, which could likewise be a weak link for sophisticated attacks. To secure mobile computing applications, we need to deploy intrusion detection and response techniques, and further research is necessary to adapt these techniques to the new environment, from their original applications in fixed wired network. In this paper, we focus on a particular type of mobile computing environment called mobile ad-hoc networks and propose a new model for intrusion detection and response for this environment. We will first give a background on intrusion detection, and then present our new architecture. 4
EXISTING SYSTEM  Traditional systems in place for intrusion detection primarily use a method known as “Finger Printing” to identify malicious users. They are complex.  They are rule dependent. The behavior of packets flowing in the network is new, then the system cannot take any decision. So they purely work in the basis of initial rules provided.  The rules in the database are static unless the network administrator manually enters the rules. It does not provide any option for generating dynamic rule set.  It cannot create its own rule depending on the current situation.  It requires manual energy to monitor the inflowing packets and analyze their behavior.  It cannot take decision in runtime. 5
 If the pattern of the packet is new and not present in the records, then it allows the packets to flow without analyzing whether it is an intruder or not.  The packet with a new behavior can easily pass without being filtered. PROPOSED SYSTEM  It uses matching algorithm, which is an artificial intelligence problem-solving model.  IDS compare learned user characteristics from an empirical to all users of a system.  It includes temporal and spatial information of the network traffic.  It is both network based and host based system.  It can take decision in runtime. 6
ADVANTAGES  It eliminates the need for an attack to be previously known to be detected because malicious behavior is different from normal behavior by nature.  Using a generalized behavioral model is theoretically more accurate, efficient and easier to maintain than a finger printing system.  It uses constant amount of computer resources per user, drastically reducing the possibility of depleting available resources.  Once installed, there is no need for any manual energy to monitor the system.  It promotes high detection rate of malicious behavior and a low false positive rate of normal behavior classified as malicious. 7
MODULE DESCRIPTION The modules contained in this project are as follows:  Distributed detection. a) Multicast the packet to detect the intruder.  Matching the List of events.  Multicast the intruder to the neighboring nodes.  Sending data to destination. DISTRIBUTED DETECTION The basic idea is to set up a monitor at each node in the network to produce evidences and to share them among all the nodes .An evidence is a set of relevant information about the network state A monitor can be thought of as an instance of the ethereal network packet sniffer: It captures the traffic and displays the detailed information on it.For each captured packet Ethereal displays a complete view of packet headers (i.e. from Ethernet to the application level) and payload and add some general statistics as the timestamp, frame number and length in bytes. For our purposes we’ll look at the Ethernet level header, and as we’re focusing on 802.11 frames we’ll consider source, destination and BSSId addresses, sequence number, frame type and subtype and 8
the Retry flag. Together with the captured packets, we add relevant statistics collected by the device driver, like counters for transmission retries and for frames received with wrong FCS (other papers[7] use different statistics as signal strength and carrier sensing time), and packet transmission time. We built in this way a list of events at each node. Events are the single transmitted packet or the times in which the channel is idle, which can be inferred from the timestamp of the packets and the packet transmission times. The combination of different list of events leads to the better understanding of what happened in the network, in particular in distinguishing the jamming attacks and channel failures, where packets are sent by one peer and never received by other peer. Both the channel failure and a jamming attack make the FCS check of the packet fail, thus the packet in transit will be incorrectly received and dropped, incrementing the “dropped frames” counter in the device driver at the receiver. The difference between the 2 cases is the amount of incorrectly received frames at the receiver. Suppose if the receiving station is under jamming network, where the packets which pass through the jamming area get scrambled. The monitor placed at the sender’s side will see 9
the number of frames sent on the channel and the monitor at the receiver end won’t see anything received correctly, and will keep on increasing the incorrectly received frames counter. The sender will retry the transmission a number of times and all these retransmissions will be dropped as well, incrementing the counter. We are able to detect the attack by combining what both monitors saw, as a single one is not able to do the same: the receiver’s evidences (no packets received and counter updated) are in fact not enough to distinguish the attack. For the receiver, receiving incorrect frames can happen for various reasons: frames from stations at the limit of the radio range, frames from neighbor networks or noisy channel are all examples of this. If the counter is not updated, then staying idle without having transmissions aimed at it or experiencing a device failure is undistinguished from being under attack. On the other side, the transmitter cannot tell if the other peer is out of range given the retransmissions only. DETECT THE INTRUDER The initial process is the training process where the source sends the packet with events to all the nodes in the 10
network to detect the intruder. This process is known as multicasting. Before sending the packets to all nodes, the source node initiates the timestamp for the packets. This training process is stored as an initial event list #1 in the source node. Receivers receive the packets which contain the timestamp and send appropriate ACK replies. Receivers store the received packets in their event list. After receiving all the packets from source/initiator receiver sends the reply ACK by using multicast method. Intruder detection is done by checking the received ACK packets for anomalies. This is done by the matching algorithm. MATCHING THE LIST OF EVENTS The basic algorithm to match two lists of events is as follows: we start from the first list and for every event (packet or channel idle) we try to find a matching event on the second list that is, given a packet we look for it on the second list. As we don’t have cheaters into play for now, what we find is that for every packet on the first list we find it on the second one if the network worked fine, else we find a channel idle event if some problem (jamming or malfunctioning) happened. Continuing the example above, we’d have transmitted packets on the first event list and channel idle (together with a high number of dropped packets) on the second one. We can find unmatched events 11
on the second list at the end (for example if the first node was jammed), so we swap the 2 lists and run the matching algorithm again. The final output is a single list of events which combines the two. Jamming and channel failure have the same basic signature (which is packets transmitted and never received), but differentiate on their position in the event list. A few packets disappearing here and there are index of channel failures, while a sequence of disappearing packets is considered as jamming. A large number of nonconsecutive channel failures are index of bad QoS. Since all nodes participate in the detection process, we extend it in order to match multiple lists. The idea is to merge one list at a time with the result of the previous merge. In other words, we merge lists #1 and #2, and then we match the result with list #3, until we processed every list. We obtain in this way an aggregated list of all events which happened in the network in a given time frame. We have to notice here that a node might not overhear the traffic of every other node because of range. We supposed that each node has relevant information to offer, but this is not always true. The key feature here is that the monitoring system is distributed. A single station alone cannot tell if it is experiencing an attack or just a temporary network failure, 12
and cooperation among all nodes is required for the nodes to understand what is going on. The event lists are shared among all nodes in the network. All nodes send their evidences to every other node in the network. Part in the protocol. Every node executes the matching algorithm to generate the aggregated event list to have a clear view of what happened in the network in the given time frame. MULTICAST THE INTRUDER TO THE NEIGHBOURING NODES The matching algorithm will invoke after receiving reply events from the network. It compares events from the other nodes with that of the initiator. If anyone from the received ACK packets is not matched, then that particular node is the intruder to be found. Now that the intruder is detected the address of the intruder is sent to the entire network by multicasting. Neighbor nodes receive the IP address of the intruder and store it in the event lists to prevent future attacks from that node in the network. The multicasting of the intruder address is done source. SENDING DATA TO THE DESTINATION The data send process is done by splitting the chosen text file into packets for transmission. The data send process 13
is invoked after the source finds out an intruder free path. In the case of jamming/network malfunction, the source waits till the network is restored, starts the training process to find the intruders and if any detected, selects a path free from intrusion. The path selection is done by the Dynamic Source Routing Protocol (DSR). The source sends the data directly to the destination through the ‘safe’ path. Destination receives the data in the form of packets and checks for anomalies to detect any loss of data in the data due to intrusion. The control flow and sequence of events of the project is described in the diagram below. 14
Intrusion Detection System flow chart 15
REQUIREMENT SPECIFICATION Hardware Specifications Hard Disk : 40GB and Above. RAM : 128MB and Above. Processor : Pentium III and Above. Software Specifications Operating System : Windows 2000 and Above. Programming Package used Swings. 16 : Java 1.4 and Above,

Recommended

NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...Migrant Systems
 
Nice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureNice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureIEEEFINALYEARPROJECTS
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICEPranya Prabhakar
 
Network Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionNetwork Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionPramod M Mithyantha
 
Nice network intrusion detection and countermeasure selection in virtual netw...
Nice network intrusion detection and countermeasure selection in virtual netw...Nice network intrusion detection and countermeasure selection in virtual netw...
Nice network intrusion detection and countermeasure selection in virtual netw...JPINFOTECH JAYAPRAKASH
 
Secure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionSecure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionUvaraj Shan
 
IDS - Fact, Challenges and Future
IDS - Fact, Challenges and FutureIDS - Fact, Challenges and Future
IDS - Fact, Challenges and Futureamiable_indian
 
Icacci presentation-cnn intrusion
Icacci presentation-cnn intrusionIcacci presentation-cnn intrusion
Icacci presentation-cnn intrusionvinaykumar R
 

Recommended

NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...Migrant Systems
 
Nice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureNice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureIEEEFINALYEARPROJECTS
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICEPranya Prabhakar
 
Network Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionNetwork Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionPramod M Mithyantha
 
Nice network intrusion detection and countermeasure selection in virtual netw...
Nice network intrusion detection and countermeasure selection in virtual netw...Nice network intrusion detection and countermeasure selection in virtual netw...
Nice network intrusion detection and countermeasure selection in virtual netw...JPINFOTECH JAYAPRAKASH
 
Secure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionSecure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionUvaraj Shan
 
IDS - Fact, Challenges and Future
IDS - Fact, Challenges and FutureIDS - Fact, Challenges and Future
IDS - Fact, Challenges and Futureamiable_indian
 
Icacci presentation-cnn intrusion
Icacci presentation-cnn intrusionIcacci presentation-cnn intrusion
Icacci presentation-cnn intrusionvinaykumar R
 
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
 
M43057580
M43057580M43057580
M43057580IJERA Editor
 
F0371046050
F0371046050F0371046050
F0371046050inventionjournals
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET Journal
 
NSAS: NETWORK SECURITY AWARENESS SYSTEM
NSAS: NETWORK SECURITY AWARENESS SYSTEMNSAS: NETWORK SECURITY AWARENESS SYSTEM
NSAS: NETWORK SECURITY AWARENESS SYSTEMInternational Journal of Technical Research & Application
 
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...1crore projects
 
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...IEEEGLOBALSOFTTECHNOLOGIES
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...IGEEKS TECHNOLOGIES
 
06558266
0655826606558266
06558266Vidya Sagar
 
1776 1779
1776 17791776 1779
1776 1779Editor IJARCET
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEEMEMTECHSTUDENTPROJECTS
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET Journal
 
Alert Analysis using Fuzzy Clustering and Artificial Neural Network
Alert Analysis using Fuzzy Clustering and Artificial Neural NetworkAlert Analysis using Fuzzy Clustering and Artificial Neural Network
Alert Analysis using Fuzzy Clustering and Artificial Neural NetworkIJRES Journal
 
Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Pamela Dempster
 
Securing WSN communication using Enhanced Adaptive Acknowledgement Protocol
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolSecuring WSN communication using Enhanced Adaptive Acknowledgement Protocol
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
 
Ao03402350245
Ao03402350245Ao03402350245
Ao03402350245ijceronline
 
Ii3415521555
Ii3415521555Ii3415521555
Ii3415521555IJERA Editor
 
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...IRJET Journal
 
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Editor IJCATR
 
INTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENT
INTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENTINTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENT
INTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENTInternational Journal of Technical Research & Application
 
Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessDavid Sweigert
 

More Related Content

What's hot

HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET Journal
 
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...1crore projects
 
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...IEEEGLOBALSOFTTECHNOLOGIES
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...IGEEKS TECHNOLOGIES
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEEMEMTECHSTUDENTPROJECTS
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET Journal
 
Alert Analysis using Fuzzy Clustering and Artificial Neural Network
Alert Analysis using Fuzzy Clustering and Artificial Neural NetworkAlert Analysis using Fuzzy Clustering and Artificial Neural Network
Alert Analysis using Fuzzy Clustering and Artificial Neural NetworkIJRES Journal
 
Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Pamela Dempster
 
Securing WSN communication using Enhanced Adaptive Acknowledgement Protocol
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolSecuring WSN communication using Enhanced Adaptive Acknowledgement Protocol
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
 

What's hot (17)

HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...
 
M43057580
M43057580M43057580
M43057580
 
F0371046050
F0371046050F0371046050
F0371046050
 
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
IRJET- Review on Intrusion Detection System using Recurrent Neural Network wi...
 
NSAS: NETWORK SECURITY AWARENESS SYSTEM
NSAS: NETWORK SECURITY AWARENESS SYSTEMNSAS: NETWORK SECURITY AWARENESS SYSTEM
NSAS: NETWORK SECURITY AWARENESS SYSTEM
 
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
Secure Data Aggregation Technique for Wireless Sensor Networks in the Presenc...
 
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Privacy preserving distributed profi...
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...
 
06558266
0655826606558266
06558266
 
1776 1779
1776 17791776 1779
1776 1779
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
 
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
IRJET- SDN Multi-Controller based Framework to Detect and Mitigate DDoS i...
 
Alert Analysis using Fuzzy Clustering and Artificial Neural Network
Alert Analysis using Fuzzy Clustering and Artificial Neural NetworkAlert Analysis using Fuzzy Clustering and Artificial Neural Network
Alert Analysis using Fuzzy Clustering and Artificial Neural Network
 
Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050
 
Securing WSN communication using Enhanced Adaptive Acknowledgement Protocol
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolSecuring WSN communication using Enhanced Adaptive Acknowledgement Protocol
Securing WSN communication using Enhanced Adaptive Acknowledgement Protocol
 
Ao03402350245
Ao03402350245Ao03402350245
Ao03402350245
 

Similar to A wireless intrusion detection system and a new attack model (synopsis)

A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...IRJET Journal
 
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Editor IJCATR
 
Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessDavid Sweigert
 
Analyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSNAnalyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSNIJERA Editor
 
Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Journals
 
Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Publishing House
 
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation AnalysisA New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysisijceronline
 
A self-managing fault management mechanism for wireless sensor networks
A self-managing fault management mechanism for wireless sensor networks A self-managing fault management mechanism for wireless sensor networks
A self-managing fault management mechanism for wireless sensor networks ijwmn
 
Integrated Security and Attack Detection Scheme for Wireless Sensor Networks
Integrated Security and Attack Detection Scheme for Wireless Sensor NetworksIntegrated Security and Attack Detection Scheme for Wireless Sensor Networks
Integrated Security and Attack Detection Scheme for Wireless Sensor NetworksEditor IJMTER
 
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...chennaijp
 
A Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor NetworksA Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor NetworksIJERA Editor
 
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKPREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
 
Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANETSunita Sahu
 
Robust encryption algorithm based sht in wireless sensor networks
Robust encryption algorithm based sht in wireless sensor networksRobust encryption algorithm based sht in wireless sensor networks
Robust encryption algorithm based sht in wireless sensor networksijdpsjournal
 

Similar to A wireless intrusion detection system and a new attack model (synopsis) (20)

Ii3415521555
Ii3415521555Ii3415521555
Ii3415521555
 
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...
 
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
Hop- by- Hop Message Authentication and Wormhole Detection Mechanism in Wirel...
 
INTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENT
INTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENTINTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENT
INTRUSION IDENTIFICATION IN MANET USING ENHANCED ADAPTIVE ACKNOWLEDGEMENT
 
Passive monitoring to build Situational Awareness
Passive monitoring to build Situational AwarenessPassive monitoring to build Situational Awareness
Passive monitoring to build Situational Awareness
 
Analyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSNAnalyze and Detect Packet Loss for Data Transmission in WSN
Analyze and Detect Packet Loss for Data Transmission in WSN
 
Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...
 
Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...Malicious attack detection and prevention in ad hoc network based on real tim...
Malicious attack detection and prevention in ad hoc network based on real tim...
 
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation AnalysisA New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
A New Way of Identifying DOS Attack Using Multivariate Correlation Analysis
 
A self-managing fault management mechanism for wireless sensor networks
A self-managing fault management mechanism for wireless sensor networks A self-managing fault management mechanism for wireless sensor networks
A self-managing fault management mechanism for wireless sensor networks
 
Integrated Security and Attack Detection Scheme for Wireless Sensor Networks
Integrated Security and Attack Detection Scheme for Wireless Sensor NetworksIntegrated Security and Attack Detection Scheme for Wireless Sensor Networks
Integrated Security and Attack Detection Scheme for Wireless Sensor Networks
 
C0511318
C0511318C0511318
C0511318
 
N0704075079
N0704075079N0704075079
N0704075079
 
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
JPD1423 A Probabilistic Misbehavior Detection Scheme toward Efficient Trust ...
 
A Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor NetworksA Survey on Threats and Security schemes in Wireless Sensor Networks
A Survey on Threats and Security schemes in Wireless Sensor Networks
 
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKPREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORK
 
Attacks in MANET
Attacks in MANETAttacks in MANET
Attacks in MANET
 
Robust encryption algorithm based sht in wireless sensor networks
Robust encryption algorithm based sht in wireless sensor networksRobust encryption algorithm based sht in wireless sensor networks
Robust encryption algorithm based sht in wireless sensor networks
 
50120140507012
5012014050701250120140507012
50120140507012
 
50120140507012
5012014050701250120140507012
50120140507012
 

More from Mumbai Academisc

Non ieee java projects list
Non ieee java projects list Non ieee java projects list
Non ieee java projects list Mumbai Academisc
 
Non ieee dot net projects list
Non ieee dot net projects list Non ieee dot net projects list
Non ieee dot net projects list Mumbai Academisc
 
Ieee 2014 java projects list
Ieee 2014 java projects list Ieee 2014 java projects list
Ieee 2014 java projects list Mumbai Academisc
 
Ieee 2014 dot net projects list
Ieee 2014 dot net projects list Ieee 2014 dot net projects list
Ieee 2014 dot net projects list Mumbai Academisc
 
Ieee 2013 java projects list
Ieee 2013 java projects list Ieee 2013 java projects list
Ieee 2013 java projects list Mumbai Academisc
 
Ieee 2013 dot net projects list
Ieee 2013 dot net projects listIeee 2013 dot net projects list
Ieee 2013 dot net projects listMumbai Academisc
 
Ieee 2012 dot net projects list
Ieee 2012 dot net projects listIeee 2012 dot net projects list
Ieee 2012 dot net projects listMumbai Academisc
 
J2ee project lists:-Mumbai Academics
J2ee project lists:-Mumbai AcademicsJ2ee project lists:-Mumbai Academics
J2ee project lists:-Mumbai AcademicsMumbai Academisc
 

More from Mumbai Academisc (20)

Non ieee java projects list
Non ieee java projects list Non ieee java projects list
Non ieee java projects list
 
Non ieee dot net projects list
Non ieee dot net projects list Non ieee dot net projects list
Non ieee dot net projects list
 
Ieee java projects list
Ieee java projects list Ieee java projects list
Ieee java projects list
 
Ieee 2014 java projects list
Ieee 2014 java projects list Ieee 2014 java projects list
Ieee 2014 java projects list
 
Ieee 2014 dot net projects list
Ieee 2014 dot net projects list Ieee 2014 dot net projects list
Ieee 2014 dot net projects list
 
Ieee 2013 java projects list
Ieee 2013 java projects list Ieee 2013 java projects list
Ieee 2013 java projects list
 
Ieee 2013 dot net projects list
Ieee 2013 dot net projects listIeee 2013 dot net projects list
Ieee 2013 dot net projects list
 
Ieee 2012 dot net projects list
Ieee 2012 dot net projects listIeee 2012 dot net projects list
Ieee 2012 dot net projects list
 
Spring ppt
Spring pptSpring ppt
Spring ppt
 
Ejb notes
Ejb notesEjb notes
Ejb notes
 
Java web programming
Java web programmingJava web programming
Java web programming
 
Java programming-examples
Java programming-examplesJava programming-examples
Java programming-examples
 
Hibernate tutorial
Hibernate tutorialHibernate tutorial
Hibernate tutorial
 
J2ee project lists:-Mumbai Academics
J2ee project lists:-Mumbai AcademicsJ2ee project lists:-Mumbai Academics
J2ee project lists:-Mumbai Academics
 
Web based development
Web based developmentWeb based development
Web based development
 
Jdbc
JdbcJdbc
Jdbc
 
Java tutorial part 4
Java tutorial part 4Java tutorial part 4
Java tutorial part 4
 
Java tutorial part 3
Java tutorial part 3Java tutorial part 3
Java tutorial part 3
 
Java tutorial part 2
Java tutorial part 2Java tutorial part 2
Java tutorial part 2
 
Engineering
EngineeringEngineering
Engineering
 

Recently uploaded

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

A wireless intrusion detection system and a new attack model (synopsis)

  • 1. A wireless Intrusion detection system and a new attack model (Synopsis) 1
  • 2. INTRODUCTION The rapid proliferation of wireless networks and mobile computing applications has changed the landscape of network security. The nature of mobility creates new vulnerabilities that do not exist in a fixed wired network, and yet many of the proven security measures turn out to be ineffective. Therefore, the traditional way of protecting networks with firewalls and encryption software is no longer sufficient. We need to develop new architecture and mechanisms to protect the wireless networks and mobile computing applications. Vulnerabilities of Mobile Wireless Networks The nature of mobile computing environment makes it very vulnerable to an adversary's malicious attacks. First of all, the use of wireless links renders the network susceptible to attacks ranging from passive eavesdropping to active interfering. Unlike wired networks where adversary must gain physical access to the network wires or pass through several lines of defense at firewalls and gateways, attacks on a wireless network can come from all directions and target at any node. Damages can include leaking secret information, message contamination, and node impersonation. All these mean that a wireless ad-hoc 2
  • 3. network will not have a clear line of defense, and every node must be prepared for encounters with an adversary directly or indirectly. Second, mobile nodes are autonomous units that are capable of roaming independently. This means that nodes with inadequate physical protection are receptive to being captured, compromised, and hijacked. Since tracking down a particular mobile node in a global scale network cannot be done easily, attacks by a compromised node from within the network are far more damaging and much harder to detect. Therefore, mobile nodes and the infrastructure must be prepared to operate in a mode that trusts no peer. Third, decision-making in mobile computing environment is sometimes decentralized and some wireless network algorithms rely on the cooperative participation of all nodes and the infrastructure. The lack of centralized authority means that the adversaries can exploit this vulnerability for new types of attacks designed to break the cooperative algorithms. To summarize, a mobile wireless network is vulnerable due to its features of open medium, dynamic changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense. 3
  • 4. The Need for Intrusion Detection Intrusion prevention measures, such as encryption and authentication, can be used in ad-hoc networks to reduce intrusions, but cannot eliminate them. For example, encryption and authentication cannot defend against compromised mobile nodes, which often carry the private keys. Integrity validation using redundant information (from different nodes), such as those being used in secure routing, also relies on the trustworthiness of other nodes, which could likewise be a weak link for sophisticated attacks. To secure mobile computing applications, we need to deploy intrusion detection and response techniques, and further research is necessary to adapt these techniques to the new environment, from their original applications in fixed wired network. In this paper, we focus on a particular type of mobile computing environment called mobile ad-hoc networks and propose a new model for intrusion detection and response for this environment. We will first give a background on intrusion detection, and then present our new architecture. 4
  • 5. EXISTING SYSTEM  Traditional systems in place for intrusion detection primarily use a method known as “Finger Printing” to identify malicious users. They are complex.  They are rule dependent. The behavior of packets flowing in the network is new, then the system cannot take any decision. So they purely work in the basis of initial rules provided.  The rules in the database are static unless the network administrator manually enters the rules. It does not provide any option for generating dynamic rule set.  It cannot create its own rule depending on the current situation.  It requires manual energy to monitor the inflowing packets and analyze their behavior.  It cannot take decision in runtime. 5
  • 6.  If the pattern of the packet is new and not present in the records, then it allows the packets to flow without analyzing whether it is an intruder or not.  The packet with a new behavior can easily pass without being filtered. PROPOSED SYSTEM  It uses matching algorithm, which is an artificial intelligence problem-solving model.  IDS compare learned user characteristics from an empirical to all users of a system.  It includes temporal and spatial information of the network traffic.  It is both network based and host based system.  It can take decision in runtime. 6
  • 7. ADVANTAGES  It eliminates the need for an attack to be previously known to be detected because malicious behavior is different from normal behavior by nature.  Using a generalized behavioral model is theoretically more accurate, efficient and easier to maintain than a finger printing system.  It uses constant amount of computer resources per user, drastically reducing the possibility of depleting available resources.  Once installed, there is no need for any manual energy to monitor the system.  It promotes high detection rate of malicious behavior and a low false positive rate of normal behavior classified as malicious. 7
  • 8. MODULE DESCRIPTION The modules contained in this project are as follows:  Distributed detection. a) Multicast the packet to detect the intruder.  Matching the List of events.  Multicast the intruder to the neighboring nodes.  Sending data to destination. DISTRIBUTED DETECTION The basic idea is to set up a monitor at each node in the network to produce evidences and to share them among all the nodes .An evidence is a set of relevant information about the network state A monitor can be thought of as an instance of the ethereal network packet sniffer: It captures the traffic and displays the detailed information on it.For each captured packet Ethereal displays a complete view of packet headers (i.e. from Ethernet to the application level) and payload and add some general statistics as the timestamp, frame number and length in bytes. For our purposes we’ll look at the Ethernet level header, and as we’re focusing on 802.11 frames we’ll consider source, destination and BSSId addresses, sequence number, frame type and subtype and 8
  • 9. the Retry flag. Together with the captured packets, we add relevant statistics collected by the device driver, like counters for transmission retries and for frames received with wrong FCS (other papers[7] use different statistics as signal strength and carrier sensing time), and packet transmission time. We built in this way a list of events at each node. Events are the single transmitted packet or the times in which the channel is idle, which can be inferred from the timestamp of the packets and the packet transmission times. The combination of different list of events leads to the better understanding of what happened in the network, in particular in distinguishing the jamming attacks and channel failures, where packets are sent by one peer and never received by other peer. Both the channel failure and a jamming attack make the FCS check of the packet fail, thus the packet in transit will be incorrectly received and dropped, incrementing the “dropped frames” counter in the device driver at the receiver. The difference between the 2 cases is the amount of incorrectly received frames at the receiver. Suppose if the receiving station is under jamming network, where the packets which pass through the jamming area get scrambled. The monitor placed at the sender’s side will see 9
  • 10. the number of frames sent on the channel and the monitor at the receiver end won’t see anything received correctly, and will keep on increasing the incorrectly received frames counter. The sender will retry the transmission a number of times and all these retransmissions will be dropped as well, incrementing the counter. We are able to detect the attack by combining what both monitors saw, as a single one is not able to do the same: the receiver’s evidences (no packets received and counter updated) are in fact not enough to distinguish the attack. For the receiver, receiving incorrect frames can happen for various reasons: frames from stations at the limit of the radio range, frames from neighbor networks or noisy channel are all examples of this. If the counter is not updated, then staying idle without having transmissions aimed at it or experiencing a device failure is undistinguished from being under attack. On the other side, the transmitter cannot tell if the other peer is out of range given the retransmissions only. DETECT THE INTRUDER The initial process is the training process where the source sends the packet with events to all the nodes in the 10
  • 11. network to detect the intruder. This process is known as multicasting. Before sending the packets to all nodes, the source node initiates the timestamp for the packets. This training process is stored as an initial event list #1 in the source node. Receivers receive the packets which contain the timestamp and send appropriate ACK replies. Receivers store the received packets in their event list. After receiving all the packets from source/initiator receiver sends the reply ACK by using multicast method. Intruder detection is done by checking the received ACK packets for anomalies. This is done by the matching algorithm. MATCHING THE LIST OF EVENTS The basic algorithm to match two lists of events is as follows: we start from the first list and for every event (packet or channel idle) we try to find a matching event on the second list that is, given a packet we look for it on the second list. As we don’t have cheaters into play for now, what we find is that for every packet on the first list we find it on the second one if the network worked fine, else we find a channel idle event if some problem (jamming or malfunctioning) happened. Continuing the example above, we’d have transmitted packets on the first event list and channel idle (together with a high number of dropped packets) on the second one. We can find unmatched events 11
  • 12. on the second list at the end (for example if the first node was jammed), so we swap the 2 lists and run the matching algorithm again. The final output is a single list of events which combines the two. Jamming and channel failure have the same basic signature (which is packets transmitted and never received), but differentiate on their position in the event list. A few packets disappearing here and there are index of channel failures, while a sequence of disappearing packets is considered as jamming. A large number of nonconsecutive channel failures are index of bad QoS. Since all nodes participate in the detection process, we extend it in order to match multiple lists. The idea is to merge one list at a time with the result of the previous merge. In other words, we merge lists #1 and #2, and then we match the result with list #3, until we processed every list. We obtain in this way an aggregated list of all events which happened in the network in a given time frame. We have to notice here that a node might not overhear the traffic of every other node because of range. We supposed that each node has relevant information to offer, but this is not always true. The key feature here is that the monitoring system is distributed. A single station alone cannot tell if it is experiencing an attack or just a temporary network failure, 12
  • 13. and cooperation among all nodes is required for the nodes to understand what is going on. The event lists are shared among all nodes in the network. All nodes send their evidences to every other node in the network. Part in the protocol. Every node executes the matching algorithm to generate the aggregated event list to have a clear view of what happened in the network in the given time frame. MULTICAST THE INTRUDER TO THE NEIGHBOURING NODES The matching algorithm will invoke after receiving reply events from the network. It compares events from the other nodes with that of the initiator. If anyone from the received ACK packets is not matched, then that particular node is the intruder to be found. Now that the intruder is detected the address of the intruder is sent to the entire network by multicasting. Neighbor nodes receive the IP address of the intruder and store it in the event lists to prevent future attacks from that node in the network. The multicasting of the intruder address is done source. SENDING DATA TO THE DESTINATION The data send process is done by splitting the chosen text file into packets for transmission. The data send process 13
  • 14. is invoked after the source finds out an intruder free path. In the case of jamming/network malfunction, the source waits till the network is restored, starts the training process to find the intruders and if any detected, selects a path free from intrusion. The path selection is done by the Dynamic Source Routing Protocol (DSR). The source sends the data directly to the destination through the ‘safe’ path. Destination receives the data in the form of packets and checks for anomalies to detect any loss of data in the data due to intrusion. The control flow and sequence of events of the project is described in the diagram below. 14
  • 15. Intrusion Detection System flow chart 15
  • 16. REQUIREMENT SPECIFICATION Hardware Specifications Hard Disk : 40GB and Above. RAM : 128MB and Above. Processor : Pentium III and Above. Software Specifications Operating System : Windows 2000 and Above. Programming Package used Swings. 16 : Java 1.4 and Above,