A Concept of Behavioral Reputation System in Wireless Networks
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F13%3APU106345" target="_blank" >RIV/00216305:26230/13:PU106345 - isvavai.cz</a>
Výsledek na webu
<a href="http://www.fit.vutbr.cz/research/pubs/all.php?id=10315" target="_blank" >http://www.fit.vutbr.cz/research/pubs/all.php?id=10315</a>
DOI - Digital Object Identifier
—
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
A Concept of Behavioral Reputation System in Wireless Networks
Popis výsledku v původním jazyce
Nowadays wireless networks are becoming more important in personal and public communication. Most of them is secured by 802.11i standard with strong AES cipher - WPA2. In many cases an attacker has the ability to listen to all encrypted network traffic which becoming a potential intrusion. Each client in wireless network is vulnerable to a variety of threats and attacks. Many attacks especially in corporate networks are realized from internal environment. Identity theft is next serious problem of wireless networks. We should able to precisely identify every entity in wireless network, and then determine malicious behavior of these entities. Many research in this area usually focuses on explicit identifiers such as MAC address, which can be changed easily. Thus it is challenging to track users and their behavior with always changing identifiers. In this paper, first we analyzed in detail security issues of the newest standard (WPA2), then we propose a concept of reputation system in 802.11i networks in order to achieve correct identification of wireless entities and detection malicious behavior of these entities. Basement for reputation system is creation of behavior model for each entity in system (all devices and access points). This model is created by the algorithm which select right attributes (signal strength, MAC address, FromDS, destination IP address, etc.) contained in on-the-fly frame. These attributes are used in number of metrics able to detect or describe entity behavior. Our approach work across network layers; we take some attributes from radiotap header, all attributes from 802.11 frame, and many attributes from network, transport and application layer. Algorithm take advantages from combination of radio-fingerprinting, link layer and all possible upper layers. Obtaining data from upper than link layer is very complicated, because they are encrypted. We developed two different ways to gain data from upper layers. First approa
Název v anglickém jazyce
A Concept of Behavioral Reputation System in Wireless Networks
Popis výsledku anglicky
Nowadays wireless networks are becoming more important in personal and public communication. Most of them is secured by 802.11i standard with strong AES cipher - WPA2. In many cases an attacker has the ability to listen to all encrypted network traffic which becoming a potential intrusion. Each client in wireless network is vulnerable to a variety of threats and attacks. Many attacks especially in corporate networks are realized from internal environment. Identity theft is next serious problem of wireless networks. We should able to precisely identify every entity in wireless network, and then determine malicious behavior of these entities. Many research in this area usually focuses on explicit identifiers such as MAC address, which can be changed easily. Thus it is challenging to track users and their behavior with always changing identifiers. In this paper, first we analyzed in detail security issues of the newest standard (WPA2), then we propose a concept of reputation system in 802.11i networks in order to achieve correct identification of wireless entities and detection malicious behavior of these entities. Basement for reputation system is creation of behavior model for each entity in system (all devices and access points). This model is created by the algorithm which select right attributes (signal strength, MAC address, FromDS, destination IP address, etc.) contained in on-the-fly frame. These attributes are used in number of metrics able to detect or describe entity behavior. Our approach work across network layers; we take some attributes from radiotap header, all attributes from 802.11 frame, and many attributes from network, transport and application layer. Algorithm take advantages from combination of radio-fingerprinting, link layer and all possible upper layers. Obtaining data from upper than link layer is very complicated, because they are encrypted. We developed two different ways to gain data from upper layers. First approa
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Návaznosti výsledku
Projekt
<a href="/cs/project/ED1.1.00%2F02.0070" target="_blank" >ED1.1.00/02.0070: Centrum excelence IT4Innovations</a><br>
Návaznosti
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>Z - Vyzkumny zamer (s odkazem do CEZ)<br>S - Specificky vyzkum na vysokych skolach
Ostatní
Rok uplatnění
2013
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
The 47th Annual International Carnahan Conference on Security Technology
ISBN
978-958-8790-65-7
ISSN
—
e-ISSN
—
Počet stran výsledku
5
Strana od-do
86-90
Název nakladatele
Institute of Electrical and Electronics Engineers
Místo vydání
Medellín
Místo konání akce
Medellín
Datum konání akce
8. 10. 2013
Typ akce podle státní příslušnosti
WRD - Celosvětová akce
Kód UT WoS článku
—