Final Design Project
As part of the ECE 4006 Final Design Project, I developed a Wireless Intrusion
Detection System (IDS) with countermeasures for the 802.11b protocol along with Yu-Xi Lim, Varun
Kanotra and Seng Oon Toh.
Our product is designed to be a complete standalone software
and hardware implementation of a security system that can be easily deployed throughout the network to
actively look for abnormal network activity that would indicate the presence of wireless clients with
malicious intent. The countermeasures module of our product then serves to confuse the attacker by
hiding the actual wireless network among a flood of many other wireless networks. This should be
sufficient to confuse the casual attacker who is not experienced enough to identify the actual network.
Furthermore, our product will thwart further advances by the attacker to obtain the network’s
encryption key by polluting the data pool that is used to decrypt the key. Finally we have included a
denial of service attack that can be selectively enabled by the network administrator. This attack is
designed to disable malicious wireless clients as soon as they are detected so as to limit the damage
that can be done.
Source
Code (TAR File)
Final
Report (PDF)
Final
Presentation (PDF)
Results of our project were summarized and
presented at the IEEE 4th Annual Information Assurance Workshop.
Wireless Intrusion
Detection and Response (PDF)
Wireless Intrusion Detection & Response Research
Since summer 2003, I have been part of a
research project under Tim Schmoyer, a PhD student, supervised by Dr. Henry Owen on wireless security.
With the underlying objective of devising a theory and a practical working model for detecting and
acting against wireless network intruders using any protocol, I helped develop an intrusion detection
and countermeasures toolkit for WiFi (802.11b). The toolkit forms a portable layer on top of currently
available drivers for wireless cards, providing flexibility and ease of use in operating wireless
networks. Working on a subpart of the project, I was responsible for writing countermeasures against
rogue clients and “monkey-in-the-middle” attacks. Using techniques used by wireless intruders
themselves, my program was able to avoid the rogue client, to move the real clients to a safer location
(channel), and to spoof traffic to confuse the attacker. All this was done with negligible impact on
the network and by making use of 802.11b protocol vulnerabilities.
I continue working with Dr. Owen throughout
fall 2003 to write extensive tools for wireless attacks, their detection, and appropriate response.
Wireless IDS Functions
Papers & Tools on Wireless Security
Last Modified: 3rd April '06
Nitin Namjoshi
|