Key Issues and Challenges of Intrusion Detection and Prevention System: Developing Proactive Protection in Wireless Network Environment
Nowadays wireless technology plays an important
role in public and personal communication. However, the growth of
wireless networking has confused the traditional boundaries between
trusted and untrusted networks. Wireless networks are subject to a
variety of threats and attacks at present. An attacker has the ability to
listen to all network traffic which becoming a potential intrusion.
Intrusion of any kind may lead to a chaotic condition. In addition,
improperly configured access points also contribute the risk to
wireless network. To overcome this issue, a security solution that
includes an intrusion detection and prevention system need to be
implemented. In this paper, first the security drawbacks of wireless
network will be analyzed then investigate the characteristics and also
the limitations on current wireless intrusion detection and prevention
system. Finally, the requirement of next wireless intrusion prevention
system will be identified including some key issues which should be
focused on in the future to overcomes those limitations.
[1] Aleksandar Lazarevic, Vipin Kumar, Jaideep Srivastava, "INTRUSION
DETECTION: A SURVEY", Managing Cyber Threats: Issues,
Approaches and Challenges, Vol. 5, 2005, Springer Publisher.
[2] Alina Olteanu and Yang Xiao, "Security Overhead and Performance for
Aggregation with Fragment Retransmission (AFR) in Very High-Speed
Wireless 802.11 LANs", IEEE TRANSACTIONS ON WIRELESS
COMMUNICATIONS, VOL. 9, NO. 1, JANUARY 2010
[3] Alvaro A.Cardenas, "A Framework for the Evaluation of Intrusion
Detection Systems", IEEE Symposium on Security and Privacy, 2006
[4] Carl Endorf, "Intrusion Detection and Prevention", McGraw-
Hill/Osborne, 2004
[5] Dong Lijun, Yu Shengsheng, Xia Tao, Liao Rongtao. "WBIPS: A
Lightweight WTLS-Based Intrusion Prevention Scheme", In
Proceedings of the International Conference on Wireless
Communications, Networking and Mobile Computing, IEEE Press, Sept.
2007, pp. 2298-2301.
[6] Earle, A.E., "Wireless Security Handbook", Auerbach Publications
Taylor & Francis Group, New York, 2006
[7] Fernandez, E.B., Jawhar, I.. Petrrie. VanHilst, M., "An overview of the
security wireless network", http://csrc. nist.gov/publications/
nistpubs/80048/NIST_SP_800-48.pdf, 2004
[8] Gast, Matthew, "802.11Wireless Networks: The Definitive Guide",
Sebastopol,CA: O'Reilly, 2005
[9] Gunter Schafer, "Security in Fixed and Wireless Networks: an
Introduction to Securing Data Communications", Wiley, 2003
[10] Guanlin Chen1, Hui Yao, Zebing Wang, "An Intelligent WLAN
Intrusion Prevention System Based on Signature Detection and Plan
Recognition", Second International Conference on Future Networks,
2010
[11] Guanlin Chen, Hui Yao, Zebing Wang, "Research of Wireless Intrusion
Prevention Systems based on Plan Recognition and Honeypot", In
Proceedings of the International Conference on Wireless
Communications & Signal Processing, IEEE Computer Society, Nov.
2009
Jack TIMOFTE, "Wireless Intrusion Prevention System", Revista
Informatica Economica, vol. 47, March 2008
[12] Lane, Heater D.. Securities Vulnerabilities and Wireless LAN
Technology. SANS Institute, Virginia Beach 2006.
[13] Lynn Michael T., Hrastar Scott, "Method and system for actively
defending a wireless LAN against attacks", United States Patent
Application 20030233567, Jun. 2002
[14] Manivannan, N. dan Neelameham, P., 2006, "Wireless Security
Techniques", Georgian Electronic Scientific Journal: Computer Science
and Telecommunications 2006 No.2(9)
[15] Paul Bedell, "Wireless Crash Course", 2nd Edition, McGraw-Hill, 2005
[16] Paul DeBeasi, "802.11n: The End of Ethernet?", Network and Telecom
Strategies In-Depth Research Report, Burton Group Sep 14, 2009
[17] Timothy D. Wickham, "Intrusion detection is dead. Long live
prevention!"http://www.sans.org/readingJoom/whitepapers/detection/
1028.php, 2003.
[18] Timothy R.Schmoyer, "Wireless Intrusion Detection and Response: A
Case Study using the Classic Man-in-the-Middle-Attack", IEEE
Communication Society, 2004
[19] Tung, S.S, Ahmad, N.N., Geok, T.K., 2006, "Wireless LAN Security:
Securing Your Access point", IJCSNS International Journal of
Computer Science and Network Security", VOL.6 No.5B, May 2006
[20] V. Vartak, S. Ahmad, K N Gopinath. "An Experimental Evaluation of
Over-The-Air (OTA) Wireless Intrusion Prevention Techniques", In
Proceedings of the 2nd International Conference on Communication
Systems Software and Middleware, IEEE Computer Society, Jan. 2007,
pp. 1-7.
[21] Vladimirov, Andrew A., Konstantin V. Gavrilenko, and Andrei A.
Mikhailovsky. "Wi-Foo: The Secrets of Wireless Hacking", Boston:
Addison-Wesley, (2004)
[22] Wen-Chuan Hsieh, Chi-Chun Lo, Jing-Chi Lee, and Li-Tsung Huang,
'The implementation of a proactive wireless intrusion detection system",
In Proceedings of the Fourth International Conference on Computer and
Information Technology, IEEE Press, Sept. 2004, pp. 581-586.
[23] Wu Junqi, "Study of Intrusion Detection System (IDSs) in Network
Security", IEEE Wireless Communication, 2008
[24] Yujia Zhang, Guanlin Chen*, Wenyong Weng, Zebing Wang, "An
Overview of Wireless Intrusion Prevention Systems", 2010 Second
International Conference on Communication Systems, Networks and
Applications
[25] Yaqing Zhang, Srinivas Sampalli, "Networking and Communications
Client-based Intrusion Prevention System for 802.11 Wireless LANs",
2010 IEEE 6th Intemational Conference on Wireless and Mobile
Computing.
[1] Aleksandar Lazarevic, Vipin Kumar, Jaideep Srivastava, "INTRUSION
DETECTION: A SURVEY", Managing Cyber Threats: Issues,
Approaches and Challenges, Vol. 5, 2005, Springer Publisher.
[2] Alina Olteanu and Yang Xiao, "Security Overhead and Performance for
Aggregation with Fragment Retransmission (AFR) in Very High-Speed
Wireless 802.11 LANs", IEEE TRANSACTIONS ON WIRELESS
COMMUNICATIONS, VOL. 9, NO. 1, JANUARY 2010
[3] Alvaro A.Cardenas, "A Framework for the Evaluation of Intrusion
Detection Systems", IEEE Symposium on Security and Privacy, 2006
[4] Carl Endorf, "Intrusion Detection and Prevention", McGraw-
Hill/Osborne, 2004
[5] Dong Lijun, Yu Shengsheng, Xia Tao, Liao Rongtao. "WBIPS: A
Lightweight WTLS-Based Intrusion Prevention Scheme", In
Proceedings of the International Conference on Wireless
Communications, Networking and Mobile Computing, IEEE Press, Sept.
2007, pp. 2298-2301.
[6] Earle, A.E., "Wireless Security Handbook", Auerbach Publications
Taylor & Francis Group, New York, 2006
[7] Fernandez, E.B., Jawhar, I.. Petrrie. VanHilst, M., "An overview of the
security wireless network", http://csrc. nist.gov/publications/
nistpubs/80048/NIST_SP_800-48.pdf, 2004
[8] Gast, Matthew, "802.11Wireless Networks: The Definitive Guide",
Sebastopol,CA: O'Reilly, 2005
[9] Gunter Schafer, "Security in Fixed and Wireless Networks: an
Introduction to Securing Data Communications", Wiley, 2003
[10] Guanlin Chen1, Hui Yao, Zebing Wang, "An Intelligent WLAN
Intrusion Prevention System Based on Signature Detection and Plan
Recognition", Second International Conference on Future Networks,
2010
[11] Guanlin Chen, Hui Yao, Zebing Wang, "Research of Wireless Intrusion
Prevention Systems based on Plan Recognition and Honeypot", In
Proceedings of the International Conference on Wireless
Communications & Signal Processing, IEEE Computer Society, Nov.
2009
Jack TIMOFTE, "Wireless Intrusion Prevention System", Revista
Informatica Economica, vol. 47, March 2008
[12] Lane, Heater D.. Securities Vulnerabilities and Wireless LAN
Technology. SANS Institute, Virginia Beach 2006.
[13] Lynn Michael T., Hrastar Scott, "Method and system for actively
defending a wireless LAN against attacks", United States Patent
Application 20030233567, Jun. 2002
[14] Manivannan, N. dan Neelameham, P., 2006, "Wireless Security
Techniques", Georgian Electronic Scientific Journal: Computer Science
and Telecommunications 2006 No.2(9)
[15] Paul Bedell, "Wireless Crash Course", 2nd Edition, McGraw-Hill, 2005
[16] Paul DeBeasi, "802.11n: The End of Ethernet?", Network and Telecom
Strategies In-Depth Research Report, Burton Group Sep 14, 2009
[17] Timothy D. Wickham, "Intrusion detection is dead. Long live
prevention!"http://www.sans.org/readingJoom/whitepapers/detection/
1028.php, 2003.
[18] Timothy R.Schmoyer, "Wireless Intrusion Detection and Response: A
Case Study using the Classic Man-in-the-Middle-Attack", IEEE
Communication Society, 2004
[19] Tung, S.S, Ahmad, N.N., Geok, T.K., 2006, "Wireless LAN Security:
Securing Your Access point", IJCSNS International Journal of
Computer Science and Network Security", VOL.6 No.5B, May 2006
[20] V. Vartak, S. Ahmad, K N Gopinath. "An Experimental Evaluation of
Over-The-Air (OTA) Wireless Intrusion Prevention Techniques", In
Proceedings of the 2nd International Conference on Communication
Systems Software and Middleware, IEEE Computer Society, Jan. 2007,
pp. 1-7.
[21] Vladimirov, Andrew A., Konstantin V. Gavrilenko, and Andrei A.
Mikhailovsky. "Wi-Foo: The Secrets of Wireless Hacking", Boston:
Addison-Wesley, (2004)
[22] Wen-Chuan Hsieh, Chi-Chun Lo, Jing-Chi Lee, and Li-Tsung Huang,
'The implementation of a proactive wireless intrusion detection system",
In Proceedings of the Fourth International Conference on Computer and
Information Technology, IEEE Press, Sept. 2004, pp. 581-586.
[23] Wu Junqi, "Study of Intrusion Detection System (IDSs) in Network
Security", IEEE Wireless Communication, 2008
[24] Yujia Zhang, Guanlin Chen*, Wenyong Weng, Zebing Wang, "An
Overview of Wireless Intrusion Prevention Systems", 2010 Second
International Conference on Communication Systems, Networks and
Applications
[25] Yaqing Zhang, Srinivas Sampalli, "Networking and Communications
Client-based Intrusion Prevention System for 802.11 Wireless LANs",
2010 IEEE 6th Intemational Conference on Wireless and Mobile
Computing.
@article{"International Journal of Electrical, Electronic and Communication Sciences:51227", author = "M. Salman and B. Budiardjo and K. Ramli", title = "Key Issues and Challenges of Intrusion Detection and Prevention System: Developing Proactive Protection in Wireless Network Environment", abstract = "Nowadays wireless technology plays an important
role in public and personal communication. However, the growth of
wireless networking has confused the traditional boundaries between
trusted and untrusted networks. Wireless networks are subject to a
variety of threats and attacks at present. An attacker has the ability to
listen to all network traffic which becoming a potential intrusion.
Intrusion of any kind may lead to a chaotic condition. In addition,
improperly configured access points also contribute the risk to
wireless network. To overcome this issue, a security solution that
includes an intrusion detection and prevention system need to be
implemented. In this paper, first the security drawbacks of wireless
network will be analyzed then investigate the characteristics and also
the limitations on current wireless intrusion detection and prevention
system. Finally, the requirement of next wireless intrusion prevention
system will be identified including some key issues which should be
focused on in the future to overcomes those limitations.", keywords = "intrusion detection, intrusion prevention, wireless
networks, proactive protection", volume = "5", number = "5", pages = "602-4", }