Development of Malicious Traffic Detection and Prevention System by Embedded Module on Wireless LAN Access Point

무선 LAN Access Point에서 임베디드 형태의 유해 트래픽 침입탐지/차단 시스템 개발

  • 이형우 (한신대학교 컴퓨터정보소프트웨어학부) ;
  • 최창원 (한신대학교 컴퓨터정보소프트웨어학부)
  • Published : 2006.12.28

Abstract

With the increasing popularity of the wireless network, the vulnerability issue on IEEE 802.1x Wireless Local Area Network (WLAN) are more serious than we expected. Security issues range from mis-configured wireless Access Point(AP) such as session hijacking to Denial of Service(DoS) attack. We propose a new system based on intrusion detection or prevention mechanism to protect the wireless network against these attacks. The proposed system has a security solution on AP that includes an intrusion detection and protection system(IDS/IPS) as an embedded module. In this paper, we suggest integrated wireless IDS/IPS module on AP with wireless traffic monitoring, analysis and packet filtering module against malicious wireless attacks. We also present that the system provides both enhanced security and performance such as on the university wireless campus network.

Keywords

Access Point;Intrusion detection;Intrusion Prevention;Wireless LAN;Integrated Wireless Security System