WLAN wireless intrusion alarm aggregation method
An aggregation method and wireless intrusion detection technology, applied in wireless communications, security devices, digital transmission systems, etc., can solve problems such as inability to aggregate WLAN wireless intrusion alarms, increase WLAN hidden worries, and threaten user online transaction and data storage security.
Active Publication Date: 2014-08-27
ZHEJIANG UNIV CITY COLLEGE
View PDF4 Cites 11 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
In March 2014, the "Overview of my country's Internet Network Security Situation in 2013" released by the National Internet Emergency Response Center showed that there are backdoors in the wireless router products of D-LINK, Cisco, Linksys, NetGear, Tenda and other manufacturers, and hackers can directly Control routers, further launch attacks such as DNS hijacking, information theft, and phishing, directly threatening users’ online transactions and data storage security. These reports undoubtedly increase the public’s hidden worries about using WLAN
However, this method is not suitable for the wireless network environment, because in the process of wireless network intrusion, the attacker often does not configure the IP address, but only uses the physical address and other attributes of the WLAN to attack, so it cannot detect the WLAN wireless intrusion alarm. efficient aggregation
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0093] The present invention will be further described below in conjunction with the accompanying drawings and embodiments. While the invention will be described in conjunction with the preferred embodiments, it will be understood that it is not intended to limit the invention to the described embodiments. On the contrary, the invention is to cover alternatives, modifications and equivalents, which may be included within the scope of the invention as defined by the appended claims.
[0094] The embodiment of the present invention relates to a WLAN-oriented wireless intrusion alarm aggregation method. The specific implementation steps are as follows:
[0095] Step 1. Implementation environment construction
[0096] We built a wireless network attack and defense experiment platform in the school network environment, which consists of the following five parts:
[0097] (1) Campus wireless local area network WLAN environment, covering the entire campus, using open system authen...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a WLAN wireless intrusion alarm aggregation method which comprises the following steps of 1, alarm formatting: performing formatting processing on original security alarms captured by the existing wireless intrusion detection system, improving an alarm format of a universal IDMEF and introducing wireless device information such as AP access points; 2, alarm simplifying: removing and simplifying unrelated alarms and repeated alarm information included by alarms generated by the WLAN wireless intrusion detection system in order to improve an accuracy rate and reliability in alarm analysis; 3, alarm classifying: aggregating the original alarms obtained after removal of the unrelated alarms and the repeated alarm information to form a super alarm corresponding to safety alarms having obvious aggressive behavior features in order to provide preconditions for follow-up intrusion prevention decisions. Therefore, by means of the WLAN wireless intrusion alarm aggregation method, the quantity of the unrelated alarms and the repeated alarm information in the original alarms can be reduced greatly, and wireless intrusion detection performance is improved.
Description
technical field [0001] The invention relates to a wireless intrusion alarm aggregation method, more specifically, it relates to a WLAN-oriented wireless intrusion alarm aggregation method. Background technique [0002] With the continuous increase of the number of Internet users all over the world, the number of users using wireless access is also increasing. Wireless Local Area Network (WLAN, Wireless Local Area Network) has become a widely used network technology. WLAN has the characteristics of high access rate, fast network deployment, flexible networking, and simple structure. It has advantages that traditional wired networks cannot match. Mobile Internet, BYOD (Bring Your Own Device, bring your own device office), etc. are rapidly popularized. [0003] Due to the particularity of WLAN itself, attackers can attack without physical connection, and the IEEE802.11 series standards of WLAN, the wired equivalent encryption algorithm WEP (Wired Equivalent Privacy) and Wi-Fi ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04W12/08
Inventor 陈观林
Owner ZHEJIANG UNIV CITY COLLEGE