Intrusion detection in wireless network
INTRUSION DETECTION in WIRELESS network using TIME SERIES analysis techniques
Introduction:
According to Pei et al(2004) “Intrusion is a set of actions that threatens the integrity, availability, or confidentiality of a network resource.
• Examples
- Denial of service (DoS): attempts to starve a host of resources needed to function correctly
- Scan: reconnaissance on the network or a particular host
- Worms and viruses: replicating on other hosts
- Compromises: obtain privileged access to a host by known vulnerabilities”1
Intrusion Detection System (IDS) is a software or hardware by which we can detect hackers, male ware and bots. There are few types of Intrusion detection system like Network Intrusion Detection System, Protocol based Intrusion Detection System, Application protocol based Intrusion Detection System and Host based Intrusion Detection System etc.
Now a day, wireless network is increasing dramatically. We are trying to make everything which can connect to internet without wire. Compare to wired network, it is easy to capture the channel of wireless network for an intruders.
There are 3 types of intruders.
1. Masquerader: Intruder (outsider) who wants to get an unauthorised access.
2. Misfeasor: Intruder (Insider) who has limited privilege but they want to get administrative privilege.
3. Clandestine: Intruders (insider or outsider) who want to seize supervisory control.
For the security purpose we have use some techniques to detect the intruders and prevent them. To detect the intruders, we have some standards techniques which are listed bellow
1. Statistical intrusion detection techniques
In this technique, we have to observe the behaviour of the user over a period of time. Then collect all the data from the previous user's behaviour. After that a statistical test is going to apply to determine whether this behaviour is from intruder or user with a high level confidence.
2. Ruled based intrusion detection techniques
In this technique, a set of rules which is made by experts is used to detect the behaviour of intruders.
3. Base rate fallacy
In this project, I am going to use statistical intrusion detection techniques. One of the most popular statistical IDS techniques is time series analysis. I will make a model of a wireless network in ns2 simulator with some malicious activities. I will use time series analysis ID techniques to detect and prevent the intruders.
Methodology
A time series is a collection of observations of well defined data items obtained through repeated measurement over a period of time. According to Matlab documentation “Time series are data vectors sampled over time, in order, often at regular intervals. They are distinguished from randomly sampled data, which form the basis of many other data analyses. Time series represent the time evolution of a dynamic population or process. The linear ordering of time series gives them a distinctive place in data analysis, with a specialized set of techniques.
SIGKDD 2007 Tutorial from http://www.cs.ucr.edu/~eamonn/tutorials.html
Time series analysis is concerned with:
1. Identifying patterns
2. Modelling patterns
3. Forecasting values”
I don't have the opportunity to do this project practically on the field. So I am going to use a Network Simulator version 2 for my project. First of all, I have to collect the datasets which is including some malicious activities. Then identify all the threats. After that I will apply time series techniques to detect the intrusion and analyze data in matlab. From the analysis, I have to find the solution for detecting intrusion. At last I will create a wireless network environment in NS2 with some malicious activities and prove that my wireless network can detect and protect the intrusion.
- What is intrusion?
- Why I am going to detect intrusion?
- What type of intrusion I am doing to detect?
- How to detect intrusion using time series techniques?
- How to analyze data to detect intrusion?
- How to protect that particular intrusion?
- How to make a model of wireless network model in NS2 including intrusion?
- How to detect and prevent intrusion in my wireless network?
Aim
The aim of the project is to make a model which can detect the hackers and prevent them in wireless environment.
Objectives:
The aim of the project is to make a model which can detect the hackers and prevent them in wireless environment.
- Recent Threats of wireless network
- Limitation of wireless network
- Current intrusion detection systems
- Identify Threats
- Implement Time series techniques
- Analysis the data
- Find solution
- Design a wireless network with IDS.
Time Plan:
Proposed work June July August Sep
Collect data sets
Design a wireless network
Identify threats and analysis
Apply time series techniques
Graphical analysis of data
Give solution
Make documentation
Submission and presentation
Requirments:
Hardware: Computer with Linux operating system
Software: Network Simulator 2
Mat lab
Refrences:
1. Jian Pei, Shambhu J. Upadhyaya, Faisal Farooq, Venugopal Govindaraju(2004), Data Mining for Intrusion Detection Techniques, Applications and Systems, State University of New York at Buffalo,{jianpei, shambhu, ffarooq2, govind}@cse.buffalo.edu
http://www.cse.uconn.edu/icde04/tutorials/Pei.pdf
2. Joseph, spring, “Tools/Techniques Intrusion prevention and Detection 1” Security system programming, University of Hertfordshire, January 2009
3. w stalling, cryptography and network security, prentice hall, 2003
4. p.porras, A state transition analysis tools for intrusion detection, masters thesis, university of California at santa Barbara, july 1992
5. H.vaccaro and G. liepins, Detechtion of anomalous computer session activity, proceedings of the IEEE symposium on research in security and privacy, may 1989
6. j. Anderson, Computer security threat monitoring and surveillance, fort Washington, PA:james p Anderson Co., 1980
7. Y Zhang, W Lee, & Y Huang(2003), Intrusion Detection Techniques for Mobile Wireless Networks
http://www.cse.sc.edu/~wyxu/2008 csce790/papers/zhang03intrusion.pdf
8. Matlab Documentation, 12 06 2009 retrieved from
http://www.mathworks.com/access/helpdesk/help/techdoc/index.html?/access/helpdesk/help/techdoc/&http://www.google.co.uk/search?client=firefox a&rls=org.mozilla%3Aen GB%3Aofficial&channel=s&hl=en&q=matlab&meta=&btnG=Google+Search
9. Jouni Viinikka, Intrusion Detection Alert Flow Processing Using Time
Series Analysis Methods, 2006 12 24, Retrieved from
http://www.diwall.org/talks/viinikka.pdf
10. Eamonn Keogh, Mining Shape and Time Series Databases with Symbolic Representations, 2007
http://www.cs.ucr.edu/~eamonn/tutorials.html
11. Jamil Farshchi, Wireless Intrusion Detection Systems, 2003 11 05, Retrieved from
http://www.securityfocus.com/infocus/1742
