计算机应用研究2011,Vol.28Issue(5):1873-1877,5.DOI:10.3969/j.issn.1001-3695.2011.05.080
无线局域网非授权用户入侵行为分析及检测
Behavior analysis and intrusion detection of illegal access to WLAN
摘要
Abstract
A hacker wireless card named SIGLINK,which was able to reveal the WEP key on WLAN and access the Intemet for free, had been widely used.For detection of the SIGLINK, the paper studied the four means of attack: interactive packet replay, ARP-request reinjection, chopchop, fragmentation.The work presented a principle analysis of them by reviewing the process behavior when implemented the intrusion, and proposed a intrusion detection system (IDS) against it.The IDS selected 9 traffic statistical features to detect the attacks, and used SVM as the recognition algorithm.The experiment results show that the scheme makes a high detection rate.It is effective to alarm the attacks.关键词
无线局域网/入侵检测/有线等效加密/特征选择/支持向量机Key words
WLAN/ intrusion detection/ wired equivalent privacy (WEP)/ feature selection/ support vector machine (SVM)分类
信息技术与安全科学引用本文复制引用
王冠男,李鸥,刘洋..无线局域网非授权用户入侵行为分析及检测[J].计算机应用研究,2011,28(5):1873-1877,5.基金项目
国家自然科学基金资助项目(60872043) (60872043)
国家"863"计划资助项目(2009AA01Z207) (2009AA01Z207)
国家工业与信息化部重大专项课题(2009ZX03003-003-03) (2009ZX03003-003-03)
