
Intrusion Detection and Forensics for Self-defending Wireless Networks Yan Chen, Northwestern University Tel. (847) 491-4946, E-Mail: ychen@northwestern.edu. Objectives:


Presentation Transcript


  1. Intrusion Detection and Forensics for Self-defending Wireless Networks
     Yan Chen, Northwestern University
     Tel. (847) 491-4946, E-Mail: ychen@northwestern.edu

     • Objectives:
       • Proactively secure wireless networks via searching unknown protocol vulnerabilities, especially for security protocols such as Extensible Authentication Protocols (EAP).
       • Design defense schemes for the vulnerabilities discovered.
       • Forensics and situational-aware analysis for botnets, in particular for the large-scale "botnet probes" in which a collection of remote hosts together probes the address space monitored by a sensor in some sort of coordinated fashion.

     [Figure: Vulnerability analysis of various wireless network protocols. Diagram labels: Challenge/Response, TLS, EAP-SIM, EAP-AKA, EAP-TTLS, PEAP, EAP-FAST, EAP-TLS; Extensible Authentication Protocol (EAP); EAP Over LAN (EAPOL); 802.11 WLAN, GSM, UMTS/CDMA2000]

     • Scientific/Technical Approach:
       • Reveal a serious vulnerability of exception handling in most wireless security and communication protocols by showing an exception triggered attack.
       • Design countermeasures for detection of such attacks and improvements of protocols for prevention.
       • Draw upon extensive honeynet data to explore the properties of different types of scanning, such as trend, uniformity, coordination, and darknet avoidance.
       • Design schemes to extrapolate the global properties of the scanning events (e.g., total population and target scope) as inferred from the limited local view of a honeynet.

     • Accomplishments:
       • Find exception triggered denial of service (DoS) attacks in various wireless network security protocols, including variants of EAP and mobile IPv6.
       • Conduct real world experiments to evaluate the efficiency and effectiveness of attacks and defense.
       • Design schemes to infer the properties (including extrapolated global ones) for botnet probing events.

     • Challenges:
       • Network protocols are too numerous and often ambiguous for vulnerability analysis.
       • Infer botnet global properties from limited local view.
