Research and development of a reference model for intrusion handling systems in wireless LANs

Zamankhani, Shahram Salek (2011) Research and development of a reference model for intrusion handling systems in wireless LANs. Doctoral thesis, London Metropolitan University.

[img]
Preview
Text
542798.pdf - Published Version

Download (33MB) | Preview

Abstract / Description

Wireless Local Area Networks (WLANs) are different from the traditional wired LANs in terms of their easy exposure to potential threats and vulnerability to exploitation. Hence, there is an urgent need for effective Intrusion Handling Systems (IHSs) and the methods for their evaluation. Analyses of the IHSs (Snort Wireless, Bro and Kismet) for WLANs performed in this work have shown that they are all built as proprietary systems. These IHSs do not consider the existence of other IHSs nor do they try to determine ways to establish inter-IHS collaboration in order to achieve a better security for WLANs. Based on these analyses the unified presentation of the features and architectures of these IHSs have been developed. In this thesis, it has been identified a distinct absence of a standardised reference model for IHSs. Hence, a novel reference model is proposed for a scalable distributed IHS that defines system architecture, specifying the need for identification and response systems with associated sets of methods and inter-IHS communications protocol. A model of IHS description for ad hoc networks with a present intruder has been developed and a need for Unified Intrusion Handling Report Format, Inter IHS Message and Inter IHS Communication Subsystem for inter IHS communications has been identified. Ontologybased approach for modelling of IHS has been suggested and formally adopted throughout. IHS Modeling Ontology (IHSMO) has been developed based on the previous analyses of IHSs. This IHSMO is unique because it has components specifically addressing WLANs. The IHSMO is built using the Hozo ontology editor that allows both specification and verification of the model's integrity, which established a common framework for comparison and benchmarking. For evaluation purposes the ontologybased models of the same IHSs (Snort Wireless, Bro and Kismet) have been built using Hozo ontology editor. Comparison of their ontologies was undertaken in a unified way using IHSMO as a reference. This enabled the functionality gap analysis to be performed using IHSMO concepts and slots in order to demonstrate lack of essential functionalities in some systems. This further informed in the evaluation of the proposed model. The approach allows adopting and extending the IHSMO if knowledge changes in future.

Item Type: Thesis (Doctoral)
Additional Information: uk.bl.ethos.542798
Uncontrolled Keywords: Wireless Local Area Networks (WLANs); WLANs vulnerability; Intrusion Handling Systems (IHSs); reference model; IHS Modeling Ontology (IHSMO); Snort Wireless (intrusion detection system); Bro (intrusion detection system); Kismet (intrusion detection system)
Subjects: 000 Computer science, information & general works
Department: School of Computing and Digital Media
Depositing User: Chiara Repetto
Date Deposited: 26 Apr 2022 10:26
Last Modified: 26 Apr 2022 10:26
URI: http://repository.londonmet.ac.uk/id/eprint/7502

Downloads

Downloads per month over past year



Downloads each year

Actions (login required)

View Item View Item