Detecting Identity Thefts In Open 802.11e Enabled Wireless Networks

Open wireless networks are commonly deployed as a result of easy access, user-friendliness, as well as easy deployment and maintance. These networks do not implement strong security features, and clients are prone to a myriad of possible attacks. Identity attacks are considered one of the most sever...

Full description

Bibliographic Details
Main Author: Holgernes, Eirik
Format: Others
Language:English
Published: Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk 2010
Subjects:
Online Access:http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-10894
Description
Summary:Open wireless networks are commonly deployed as a result of easy access, user-friendliness, as well as easy deployment and maintance. These networks do not implement strong security features, and clients are prone to a myriad of possible attacks. Identity attacks are considered one of the most severe, and as a result of this Intrusion Detection Systems (IDS) can be deployed.With the introduction of 802.11e/Quality-of-Service on a link-to-link basis in 802.11 networks, most IDS will become obsolete as they often rely on a detection technique known as MAC Sequence Counting Analysis. This specific technique will become useless if 802.11e/QoS is enabled on the network. In this thesis I have analyzed the problem further, and suggest new techniques, both implemented and verified as an IDS, as well as analytic theories in order to enhance MAC Sequence Counting Analysis to cope with the new features of 802.11e. There has been related work on the same issue, but this thesis questions their use of unreliable physical parameters in order to detect attacks. As we will see, my new proposed techniques rely on analysis of the 802.11 standard and the 802.11e amendent, and are not dependent on parameters which could be unreliable in urban and mobile environments.Experiments and analysis will demonstrate the validity of the new suggested techniques, and the outcome of the thesis will divided into two parts; Development of an optimized Intrusion Detection System and an enhanced algorithm in order to detect attacks which exploits the new features of 802.11e.