Wireless Intrusion Detection

Abstract

This report describes a Wireless Intrustion Detection (WIND) system that utilized physical layer features, derived from individual radio frequency packets, to identify network intrustions. The features considered include those intrinsic to the packet source, as well as those related to the propagation path between the source and a network access point. It is shown that the statistics of a set of packet features can be used to fingerprint each packet source in the network, thereby providing a mechanism for identifying rogue node activity, such as a spoofing attack. Empirical results are presented for IEEE 802.11b networks. Initial test results suggest WIND can achieve a 99% probability of detection with a 10% false alarm rate.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2007
Accession Number
ADA466332

Entities

People

  • Albert A. Tomko
  • Christian J. Rieser
  • David R. Zaret
  • Louis H. Buell
  • William M. Turner

Organizations

  • Johns Hopkins University

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Sensors

DTIC Thesaurus Topics

  • Anomaly Detection
  • Change Detection
  • Computer Networks
  • Computer Programs
  • Data Storage Systems
  • Detection
  • Detectors
  • False Alarms
  • Identification
  • Information Science
  • Intrusion Detection
  • Intrusion Detectors
  • Local Area Networks
  • Modulation
  • Network Protocols
  • Plastic Explosives
  • Warning Systems

Fields of Study

  • Computer science

Readers

  • Acoustical Oceanography.
  • Computer Networking
  • Critical Infrastructure Protection in CBRN and WMD Threats.