Wireless multi-step attack mode excavation method for WLAN

A pattern mining and wireless technology, applied in electrical components, transmission systems, etc., can solve the problems of ineffective WLAN wireless network environment and inability to accurately identify WLAN wireless multi-step attack patterns.

Inactive Publication Date: 2014-07-23
ZHEJIANG UNIV CITY COLLEGE
View PDF3 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These two methods mainly use the data packet information above the network layer (such as IP address and port number) as identification features, which can identify the multi-step attack intention of the wired network, but attac

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Wireless multi-step attack mode excavation method for WLAN
  • Wireless multi-step attack mode excavation method for WLAN
  • Wireless multi-step attack mode excavation method for WLAN

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0059] The present invention will be further described below in conjunction with the accompanying drawings and embodiments. While the invention will be described in conjunction with the preferred embodiments, it will be understood that it is not intended to limit the invention to the described embodiments. On the contrary, the invention is to cover alternatives, modifications and equivalents, which may be included within the scope of the invention as defined by the appended claims.

[0060] The embodiment of the present invention relates to a WLAN-oriented wireless multi-step attack pattern mining method. The specific implementation steps are as follows:

[0061] Step 1. Construct a global attack library

[0062] For example, the MAC address of an AP in a WLAN is 00:B0:0C:01:3C:C0, and all alarms containing this MAC address in the source MAC address set or destination MAC address set are sorted in chronological order, and the AP can be obtained For the sake of simplicity, t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a wireless multi-step attack mode excavation method for WLAN. The method comprises the following steps of: 1, building a global attack library, consisting of: classifying wireless alarm according to different AP information in a WLAN environment and BSSID information of the AP, and building the global attack library based on the AP according to attributes of occurrence time; 2, building candidate attack links; 3, screening the candidate attack links; 4, correlating a multi-step attack behavior; 5, identifying a multi-step attack mode, consisting of: computing the correlation between adjacent attacks in the attack link, deleting the attack link with the correlation lower than a predetermined correlation threshold, and finally identifying the wireless multi-step attack mode. The wireless multi-step attack mode excavation method for WLAN has the advantages of being applicable to actual attack scenes of WLAN, and capable of effectively excavating the wireless multi-step attack mode and providing bases for the pre-identification of the multi-step attack intention.

Description

technical field [0001] The invention relates to a wireless multi-step attack mode mining method, more specifically, it relates to a WLAN-oriented wireless multi-step attack mode mining method. Background technique [0002] With the rapid development of computer networks, more and more users use WLAN, and the research on network security for WLAN has also received more and more attention. As an important means of network security protection, intrusion detection and defense technology has been relatively maturely applied in the traditional wired network environment, and the identification method for network multi-step attack patterns has also been studied in the wired network. However, the existing multi-step attack identification methods mainly use the data packet information above the network layer as identification features, while the WLAN wireless network contains more data packet features below the network layer. Due to the particularity of wireless networks, it is diffi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 陈观林
Owner ZHEJIANG UNIV CITY COLLEGE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap