Wireless Intrusion Detection

Tomko, Albert A.; Rieser, Christian J.; Buell, Louis H.; Zaret, David R.; Turner, William M.

Wireless Intrusion Detection

Active / Technical Report | Accession Number: ADA466332 |

Open PDF

Abstract:

This report describes a Wireless Intrustion Detection WIND system that utilized physical layer features, derived from individual radio frequency packets, to identify network intrustions. The features considered include those intrinsic to the packet source, as well as those related to the propagation path between the source and a network access point. It is shown that the statistics of a set of packet features can be used to fingerprint each packet source in the network, thereby providing a mechanism for identifying rogue node activity, such as a spoofing attack. Empirical results are presented for IEEE 802.11b networks. Initial test results suggest WIND can achieve a 99 probability of detection with a 10 false alarm rate.

Author(s):

Tomko, Albert A. ; Rieser, Christian J. ; Buell, Louis H. ; Zaret, David R. ; Turner, William M.

Author Organization(s):

JOHNS HOPKINS UNIV BALTIMORE MD

Descriptive Note:

Final technical rept. Sep 2004-Oct 2006

Supplementary Note:

The original document contains color images. DOI: 10.21236/ADA466332

Pagination:

0138

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

AFRL-IF-RS-TR-2007-62

Contract/Grant Number(s):

FA8750-04-1-0273

Task Number(s):

WI

Project Number(s):

4519

Monitor Series:

TR-2007-62, AFRL-IF-RS

Subject Terms

Joint Capability Areas:

JCA_6_Net Centric; JCA_6.1.2_Wireless Transmission; JCA_1.2.7_Experimentation; JCA_6.1.1_Wired Transmission; JCA_6.1.3_Switching and Routing; JCA_6.1_Information Transport; JCA_6.4.1_Secure Information Exchange; JCA_6.4_Information Assurance; JCA_3.2_Engagement; JCA_3_Force Application; JCA_3.2.2_Non-Kinetic Means; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_7_Protection; JCA_5_Command and Control; JCA_6.3.1_Optimized Network Functions and Resources; JCA_6.3.3_Spectrum Management; JCA_6.3.4_Cyber Management; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_5.2_Understand; JCA_6.3_Net Management

Modernization Areas:

Cyber; Microelectronics; Fully Networked C3; Quantum Science and Computing

Communities of Interest:

Energy and Power Technologies

Descriptor(s):

*LOCAL AREA NETWORKS, *INTRUSION DETECTION, *WIRELESS LINKS, ALGORITHMS, PROBABILITY, GENETIC TISSUE IDENTIFICATION, RADIOFREQUENCY, PROPAGATION

Field(s)/Group(s):

Computer Systems

Keyword(s):

PE62702F, WUAFRL4519WID1

Report Date:

2007 Mar 01

Creation Date:

2007 Jun 13