| 无线局域网非授权用户入侵行为分析及检测* |
| |
| 引用本文: | 王冠男,李鸥,刘洋.无线局域网非授权用户入侵行为分析及检测*[J].计算机应用研究,2011,28(5):1873-1877. |
| |
| 作者姓名: | 王冠男 李鸥 刘洋 |
| |
| 作者单位: | 1. 解放军信息工程大学,信息工程学院,郑州,450002;解放军72749部队,郑州,450000
2. 解放军信息工程大学,信息工程学院,郑州,450002 |
| |
| 基金项目: | 国家自然科学基金资助项目 |
| |
| 摘 要: | 针对当前流行的破解有线等效加密无线局域网密钥进而盗用上网资源的现象,研究了相关产品的攻击手段.对其提供的交互式重放攻击、ARP注入攻击、chopchop攻击和分片攻击四种攻击方式,通过跟踪记录攻击过程,分析了它们的攻击原理.在借鉴KDD99等特征提取方法的基础上,提取了9个用于识别攻击的流量统计特征,并利用支持向量机设...
|
| 关 键 词: | 无线局域网 入侵检测 有线等效加密 特征选择 支持向量机 |
| 收稿时间: | 2010/10/19 0:00:00 |
| 修稿时间: | 2010/11/12 0:00:00 |
Behavior analysis and intrusion detection of illegal access to WLAN |
| |
| WANG Guan-nan,LI Ou,LIU Yang.Behavior analysis and intrusion detection of illegal access to WLAN[J].Application Research of Computers,2011,28(5):1873-1877. |
| |
| Authors: | WANG Guan-nan LI Ou LIU Yang |
| |
| Affiliation: | (School of Information Engineering, PLA Information Engineering University, Zhengzhou 450002, China) |
| |
| Abstract: | A hacker wireless card named SIGLINK, which is able to reveal the Wired Equivalent Privacy (WEP) key on WLAN and access the Internet for free, had been widely used. For detection of the SIGLINK, the paper studied the four means of attack: interactive packet replay, ARP-request reinjection, chopchop, fragmentation. The work presented a principle analysis of them by reviewing the process behavior when the intrusion was implemented, and proposed a intrusion detection system (IDS) against it. The IDS selected 9 traffic statistical features to detect the attacks, and used Support Vector Machine (SVM) as the recognition algorithm. The experiment results show that the scheme makes a high detection rate. It is effective to alarm the attacks. |
| |
| Keywords: | WLAN intrusion detection WEP feature selection SVM |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
