Author: Fayssal, Samer Nabih
Committee Chair: Hariri, Salim
Publisher: The University of Arizona.
Rights: Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
Abstract: The increased deployment of ubiquitous wireless networks has exponentially increased the complexity of detecting wireless network attacks and protecting against them. In this research, we investigated the vulnerabilities in wireless networks and developed a comprehensive taxonomy of wireless attacks, which has been used to guide our approach to develop and successfully implement a self-protection wireless system capable of detecting and protecting wireless networks from a wide range of attacks. In the past few years, more security improvements took place, but the network is still vulnerable to complex, dynamic, and knowledgeable attacks; in addition, a large number of last-generation unsecured network cards are still available on the market. This dissertation presents an anomaly-based wireless intrusion detection and response system, which is capable of detecting complex malicious attacks. Our approach is based on multi-channel online monitoring and analysis of wireless network features with respect to multiple observation time windows. These features are related to Data Link Layer frame behaviors and the mobility of stations. We have successfully designed and implemented a Wireless Self Protection System (WSPS) that has the following significant features: it monitors wireless networks, generates network features, tracks wireless-network-state machine violations, generates wireless network flows (WNetFlows) for multiple time windows, and uses the dynamically updated anomaly and misuse rules to detect complex known and unknown wireless attacks and take appropriate proactive actions.
To evaluate the performance of WSPS and compare it with other wireless intrusion detection systems, we present an evaluation approach that uses different metrics such as adaptability, scalability, accuracy, overhead, and latency. We validate the WSPS approach by experimenting with normal traffic and more than 20 different types of wireless attacks, and compare the WSPS performance with several well-known intrusion protection systems. Our experimental results show that the WSPS approach can protect from wireless network attacks with an average detection rate of 99.13% for all the experimented attacks.
Degree Program: Electrical & Computer Engineering