Substantiating Security Threats Using Group Outlier Detection Techniques

Loading...
Thumbnail Image
File version
Author(s)
Sithirasenan, Elankayer
Muthukkumarasamy, Vallipuram
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)

Richard W Miller

Date
2008
Size

175068 bytes

File type(s)

application/pdf

Location

New Orleans, LA

License
Abstract

With the increasing dependence on wireless LANs (WLANs), businesses, educational institutions and other organizations are in need of a reliable security mechanism. The latest security protocol, the IEEE 802.11i assures rigid security for WLANs with the support of IEEE 802.1x protocol for authentication, authorization and key distribution. Nevertheless, fresh security threats are emerging often to oust these new defense mechanisms. Further, many organizations based on superficial vendor literature, believe their wireless security is sufficient enough to prevent any unauthorized access. Having wide ranging options for security configurations, users are camouflaged into profound uncertainty. This volatile state of affairs has prevented many organizations from fully deploying WLANs for their secure communication needs, though WLANs may be cost effective and flexible. In this paper, we present an anomaly based mechanism to detect and substantiate both known and unknown security threats in WLANs. Our method exploits both timing and behavioral anomalies. We first observe for timing and/or behavior anomalies during the security association process and use outlier based data association approaches to substantiate their legitimacy. The proposed concept was tested on our experimental setup and the results obtained from EAP TLS authenticated hosts are presented here.

Journal Title
Conference Title

GLOBECOM 2008 - 2008 IEEE GLOBAL TELECOMMUNICATIONS CONFERENCE

Book Title
Edition
Volume

3

Issue

6

Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement

© 2008 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.

Item Access Status
Note
Access the data
Related item(s)
Subject

Other information and computing sciences not elsewhere classified

Persistent link to this record
Citation