Literature Database Entry

dressler2006security


Falko Dressler and Hemant Chaskar, "Security Architectures for Wired and Wireless Networks: Threats and Countermeasures," Tutorial, 1st IEEE/ACM International Conference on Communication System Software and Middleware (COMSWARE 2006), New Delhi, India, January 08, 2006.


Abstract

Local area networks or private networks for that matter are vulnerable to various security threats from the outside world - those which come from the front door where the LAN is connected to the Internet and those which come from the back door opened by current wireless technologies such as WLAN. Security threats from the Internet include Distributed Denial-of-Service (DDoS) attacks, viruses, and worms which can target individual systems or the entire network. These attacks can bring down the networked services as well as obtain unauthorized access to the resources in the network. Attacks over the WLAN include eavesdropping on wireless communication, obtaining direct access to the LAN infrastructure using RF spillage of access points, wireless DoS attacks, ad hoc connections, and others. This tutorial will present analysis of both these classes of threats and technologies to counter them. In order to counter security threats from the Internet, multiple tasks have to be accomplished such as network monitoring, attack detection, traceback, and re-configuration of network entities. In this tutorial, the state-of-the-art of intrusion and attack detection and prevention technologies performing these tasks will be discussed. This includes so-called knowledge-based systems that scan for known pattern as well as anomaly detection systems that focus on self-learning methods. Because most types of attacks from the Internet employ spoofed IP addresses, IP traceback mechanisms (passive/active) will be covered in detail. Attack countermeasures and prevention mechanisms will be discussed. Overview of intrusion detection systems (IDS) and intrusion prevention systems (IPS) available in the market will be provided. Benchmarking of such security environments can be a complex task. An overview of currently accepted benchmarking techniques summarizes this part of the tutorial. While the above techniques focus on securing the traffic transfer points between the LAN and the Internet, the recent proliferation of IEEE 802.11 (WiFi) based wireless networks has extended the footprint of local area networks to the air around the network. Spatial occupancy of the network and invisibility of the wireless medium present additional security challenges to local area network security. Firewalls, VPNs, and wireside intrusion prevention systems now need to be complemented with WLAN security solutions to create secure local area network environments. In this regard, the evolution of WLAN authentication and encryption frameworks (WEP, WPA, 802.11i) will be discussed in detail. Threats that results from unmanaged devices such as rogue APs, ad hoc networks, wireless DoS attacks, MAC spoofing attacks etc. will be covered in detail. An overview of state-of-the-art wireless intrusion detection and prevention systems (WIPS) will be provided.

Quick access

BibTeX BibTeX

Contact

Falko Dressler
Hemant Chaskar

BibTeX reference

@misc{dressler2006security,
    author = {Dressler, Falko and Chaskar, Hemant},
    title = {{Security Architectures for Wired and Wireless Networks: Threats and Countermeasures}},
    howpublished = {Tutorial},
    publisher = {1st IEEE/ACM International Conference on Communication System Software and Middleware (COMSWARE 2006)},
    location = {New Delhi, India},
    day = {08},
    month = {01},
    year = {2006},
   }
   
   

Copyright notice

Links to final or draft versions of papers are presented here to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted or distributed for commercial purposes without the explicit permission of the copyright holder.

The following applies to all papers listed above that have IEEE copyrights: Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

The following applies to all papers listed above that are in submission to IEEE conference/workshop proceedings or journals: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.

The following applies to all papers listed above that have ACM copyrights: ACM COPYRIGHT NOTICE. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org.

The following applies to all SpringerLink papers listed above that have Springer Science+Business Media copyrights: The original publication is available at www.springerlink.com.

This page was automatically generated using BibDB and bib2web.