Security Monitoring for Wireless Network Forensics (SMoWF)


Yongjie Cai and Ping Ji
City University of New York (CUNY)

Abstract

With the broad deployment of WiFi networks nowadays, it is easy for malicious network users to camouflage their true identities by randomly hopping onto open wireless networks, conducting an attack and leaving without being caught. Most current wireless network infrastructures do not keep logs of network activities by default, which makes it hard to obtain important network traces that may facilitate future forensic investigations of a suspicious network event. In this paper, we outline a Security Monitoring System for Wireless Network Forensics (SMoWF), which aims to establish a forensic database based on encrypted (or hashed) wireless trace digests, and to answer the critical investigation question: which wireless device appeared where, and at what time? We propose to accomplish our goal through three steps:

1. Design a network trace logging method that records the abstract of useful fields of network packets. Here only abstracts of packets are kept due to privacy protection concerns.
2. Design a query/search system that allows users to conduct forensic analysis based on gathered traces.
3. Study and integrate localization algorithms into SMoWF, which can provide the location estimation of a given device when such information is needed.

Author

Yongjie Cai is a second-year student of the Computer Science PhD Program of the Graduate Center of City University of New York (CUNY). Prior to joining the graduate program of CUNY, Yongjie obtained her B.E degree in Computer Science from NanKai University, China, in year Working in the Computer Network and Mobile System Security (NeMo) Lab led by Prof. Ping Ji, Yongjie's current research interests include Wireless Network Performance and Security Measurement, Network Traffic Analysis and Wireless Network Applications.

Ping Ji is a Professor of the Mathematics and Computer Science Department of John Jay College of Criminal Justice of the City University of New York, and a faculty member of the Computer Science PhD Program of CUNY Graduate Center. Prof. Ji holds a PhD degree in Computer Science from the University of Massachusetts at Amherst and a B.S. degree in Computer Science and Technology from Tsinghua University, China. Prof. Ji's research interests cover the broad area of Computer Networks and have recently focused on Wireless and Mobile Network Security and Forensics. Since joining the City University of New York in 2003, Prof. Ji has been active in both research and teaching, and has been awarded a number of CUNY internal and external government grants. These awards and grants include the RF-CUNY research award for five consecutive years, US/UK Army research grants on sensor network information quality study, and NSF grants in the field of Network Forensics.

1. Introduction

Cybercrime is an exploding security challenge in the current digital age, and has been a major public concern over the past several decades. With the escalating deployment of WiFi networks, the accelerated usage of mobile devices, and the dynamic physical and protocol characteristics of wireless communication, wireless links have become an increasingly popular channel for cyber criminals to camouflage their true identities. For example, a hacker may drive on the street, randomly pick an open WiFi network, conveniently connect to the Access Point, upload or download malicious files through the Access Point, then close the session and drive away. The whole process may only take minutes to accomplish, and when the victim machine notices the attack, the best point of interest that it can trace back to is very likely only the benign Access Point through which the true attacker conducted the malicious activity. It is almost always certain that the hacker will get away.

In this research, we propose to design a distributed Security Monitoring system for Wireless network Forensics (SMoWF), which monitors Wireless LAN activities. Abstracts of network traces are captured and selectively recorded at each monitoring point. Distributed monitoring points collaborate to reconstruct the crime scene based on monitored logs, and the SMoWF system should be able to answer the following questions:

1. Was a particular wireless device involved in a given malicious network activity?
2. Can this device be uniquely identified by the logs?
3. Where was a particular device physically located during a given period of time?

We propose to accomplish our goal through three steps:

1. Design a network trace logging method that records the abstracts of useful fields of network packets. Here only abstracts of packets are kept for privacy protection purposes.
2. Design a query/search system that allows users to conduct forensic analysis based on monitored traces.
3. Study and implement localization algorithms that can provide the location information of a given device when necessary.

The rest of this paper is organized as follows: Section 2 explores the related work. Section 3 outlines the architecture of SMoWF. Section 4 illustrates wireless network trace capturing and preprocessing methods. Section 5 discusses the approaches to store critical logs and conduct post analysis and investigation. Section 6 shows the prototype of SMoWF. Section 7 concludes the paper.

2. Related Work

There are a number of wireless traffic capturing tools [1], including Wireshark, Tcpdump and Kismet/KisMac, with which we can gather wireless network traces through "off-the-shelf" network cards. All traffic in the same network can be passively captured when a network card is set in promiscuous (i.e. monitor) mode. When the card is in monitor mode, no packets are transmitted through it and all the traffic in a specific channel can be preserved into a backend server. More interestingly, Kismet [2] is able to hop channels to cover the entire spectrum, and record the physical location of a monitoring point when the tool is used with a GPS receiver. Important trace information, such as the SSID, channel number, MAC address and associated clients of wireless networks in range, can be gathered by these traffic capturing tools, and may contain vital clues for future forensic investigations.

[1] Wireless sniffer: https://personaltelco.net/wiki/wirelesssniffer.
[2] Kismet:

[Figure 1. A typical wireless monitoring system. Components shown: Monitoring Points, Repository, Centric Processing Engine, User Interaction]

Researchers have proposed several wireless monitoring infrastructure systems, primarily for improving wireless channel and protocol performance. The framework of a typical wireless monitoring system is shown in Figure 1. It consists of three parts: the monitoring point, the data repository and the centric processing engine. Each monitoring point gathers network information from access points or by capturing traffic in the air, and transmits the gathered raw data to the repository. The centric processing engine conducts network analysis and reports abnormal events to network operators.

VISUM [3] delegates the monitoring task to a set of distributed agents using SNMP. It uses device-specific XML profiles to map retrieved high-level monitoring information to device-specific SNMP Object Identifiers. The centric processing engine is responsible for assigning the subset of network devices that needs to be monitored to individual agents. This is a complicated task when the number of devices gets very large, and things can get worse when we don't know the locations of these devices.

Also along this line of research, DAIR [4] is a framework that manages and troubleshoots enterprise wireless networks using desktop infrastructure. It proposes to attach USB-based wireless adapters to desktop machines that usually have spare CPU, disk resources and more reliable wired Internet connectivity. These inexpensive adapters then work as monitoring points and can be densely deployed to cover an entire local area. In addition, Jigsaw [5] deploys 192 stand-alone radio sniffers to monitor a wireless network that consists of 40 open APs, which cover four floors and the basement of a building.

The three aforementioned systems are designed for network administrators to better monitor and diagnose network performance. They mainly focus on maintaining the stability of clients' connectivity and reducing interference and packet delay. The infrastructures of DAIR and Jigsaw can be adopted in our wireless network security monitoring project for raw data collection in indoor environments.

[3] Camden C. Ho, Krishna N. Ramachandran, Kevin C. Almeroth, and Elizabeth M. Belding-Royer. A scalable framework for wireless network monitoring. In Proceedings of the 2nd ACM international workshop on Wireless mobile applications and services on WLAN hotspots, WMASH 04, pages , New York, NY, USA, ACM.
[4] Paramvir Bahl, Jitendra Padhye, Lenin Ravindranath, Manpreet Singh, Alec Wolman, and Brian Zill. Dair: A framework for managing enterprise wireless networks using desktop infrastructure. In HOTNETS 05,
[5] Yu-Chung Cheng, John Bellardo, Péter Benkö, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage. Jigsaw: solving the puzzle of enterprise analysis. SIGCOMM Comput. Commun. Rev., 36:39-50, August

Similar to what we hope to propose, FLUX [6] is a prototype of a forensic monitoring system based on the CoMo platform [7]. It aims to identify suspicious activities and network anomalies, and to provide incident playback. This work has a goal similar to ours; however, FLUX was at a preliminary stage and seems to have been discontinued.

Another aspect related to our work is device identification. Malicious attackers can easily camouflage their device IDs. MAC spoofing is a perfect example of a simple and effective anonymity tactic: attackers can change the MAC address of their devices easily. However, in recent years, researchers have proposed quite a few ways to fight against MAC spoofing. First, Jeffrey et al. [8] demonstrate that with 90% accuracy 64% of users can be identified without using the MAC address. The implicit identifiers from users' network activities, such as pairs of IP address and port, SSID probes, broadcast packet sizes and MAC protocol fields, can help identify a unique user (device) quite accurately. S. Dolatshahi et al. [9, 10] show the effectiveness of using the RF signature as a wireless device identity. They exploited the imperfections of commercially used RF transmitters and amplifiers, which are difficult for attackers to modify. Moreover, Polak et al. [11] propose a method that analyzes the in-band distortion and the spectral growth to uncover more sophisticated attackers who distort their signatures.

In the current stage of our work, we use the MAC address as the device identifier without worrying too much about the MAC spoofing problem. However, in the future deployment of the SMoWF system, we will consider the above-mentioned device identification methods and implement appropriate ones to fight against MAC spoofing.

3. Overview of SMoWF

The emerging and increasing growth of WiFi wireless networking technology makes it possible to connect to the Internet from anywhere at any time. For example, in a wireless network measurement study [12], we conducted experiments around a three-block metropolitan neighbourhood of the mid-west side of Manhattan for 12 runs, and detected access points deployed in the neighbourhood. The densely deployed WiFi networks are undoubtedly making our life much easier and more enjoyable, but they also provide more opportunities for malicious users to conduct criminal activities through mobile devices. We notice that among our detected access points, about 30 per cent provide unencrypted WiFi services. In other words, these open networks can be easily compromised.

[6] Kevin P. Mc Grath and John Nelson. FLUX: A Forensic Time Machine for Wireless Networks. In INFOCOM Poster and Demo Session. IEEE, April
[7] Gianluca Iannaccone. Como: An open infrastructure for network monitoring research agenda. Intel Research Technical Report,
[8] Jeffrey Pang, Ben Greenstein, Ramakrishna Gummadi, Srinivasan Seshan, and David Wetherall user fingerprinting. In Proceedings of the 13th annual ACM international conference on Mobile computing and networking (MobiCom '07). ACM, New York, NY, USA,
[9] Dolatshahi, S. and Polak, A. and Goeckel, D.L. Identification of wireless users via power amplifier imperfections. Conference Record of the Forty Fourth Asilomar Conference on Signals, Systems and Computers (ASILOMAR)
[10] A. Polak, S. Dolatshahi and D. Goeckel, Identifying Wireless Users via Transmitter Imperfections, IEEE Journal on Selected Areas in Communications - Special Issue on Advances in Digital Forensics for Communications and Networking, August
[11] Polak, A.C. and Goeckel, D.L. RF Fingerprinting of Users Who Actively Mask Their Identities with Artificial Distortion
[12] Yongjie Cai and Ping Ji. A measurement study for understanding wireless forensic monitoring. To appear in ICDFI, Sept

In this paper, we propose a security monitoring infrastructure for wireless network forensics (SMoWF): an intelligent monitoring system that can uncover malicious devices, track their activities in the Wireless LANs of a metropolitan area, and preserve digital evidence to facilitate future cyber crime investigation. The SMoWF system should be able to answer the following questions:

- Was a particular device involved in a given malicious network activity?
- Can this device be uniquely identified by the logs?
- Where was a particular device physically located during a given event?

Similar to Figure 1, the SMoWF system consists of a set of monitors that are responsible for capturing wireless network traffic. These monitoring points are distributed through a wireless network and may be moved around to cover Wireless LANs as much as possible. After the collection of raw traffic data, SMoWF parses the raw data into human-readable text, eliminates irrelevant traffic types and extracts useful information for device identification and localization. It also removes the data part of traffic packets to protect users' privacy. SMoWF uses a central repository to store processed data as digital evidence. Finally, it includes a post-investigation engine that helps investigators figure out what was going on when a criminal activity occurred. The post-investigation engine retrieves relevant data from the evidence repository and is able to answer the aforementioned questions.

4. Traffic Capture and Preprocess

Compared to monitoring systems deployed in buildings/universities [13, 14], there are several challenges to wireless traffic monitoring in a metropolitan area: 1) the number of observable access points is large; 2) the AP locations and distributions are unknown; 3) these access points are out of our control. Therefore, the traditional ways of obtaining traffic via access points are not practical. We cannot configure all these access points to log their real-time traffic, nor can we deploy thousands of static stand-alone monitor nodes to cover the whole area.

For SMoWF, we propose to delegate the traffic capturing tasks to wireless monitoring points, such as laptops that are either stationary or mobile. These monitoring points passively capture nearby wireless network traffic, and periodically upload the encrypted or hashed traffic logs to a central repository. In particular, in our experiments, we use Kismet installed on a MacBook Pro to gather raw wireless network traffic. Kismet is a wireless network sniffer that works with any wireless card that supports monitoring mode, and detects networks by passively collecting packets. It can provide the GPS coordinates where packets are detected when integrated with a GPS device. Kismet generates several log files, including .pcapdump, .gpsxml, .netxml, .nettxt and .alert. All above MAC layer packet information, together with the Per-Packet Information (PPI) header that includes channel, signal and noise strength, is logged to .pcapdump files. GPS information such as coordinates and speed is recorded into .gpsxml files. Our SMoWF system mainly uses these two types of logs.

[13] Camden C. Ho, Krishna N. Ramachandran, Kevin C. Almeroth, and Elizabeth M. Belding-Royer. A scalable framework for wireless network monitoring. In Proceedings of the 2nd ACM international workshop on Wireless mobile applications and services on WLAN hotspots, WMASH 04, pages , New York, NY, USA, ACM
[14] Yu-Chung Cheng, John Bellardo, Péter Benkö, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage. Jigsaw: solving the puzzle of enterprise analysis. SIGCOMM Comput. Commun. Rev., 36:39-50, August

While Kismet logs raw packets in libpcap format into .pcapdump files, we use Tshark [15], the command line version of Wireshark, to parse them into human-readable text files. We also filter out the data part of packets and only preserve packet headers.

5. Evidence Preservation and Post-investigation

For evidence preservation, only extracting packet headers to reduce logged data size is not efficient enough. The network traffic size can be huge compared to limited storage. For instance, in Section 6, we collected 362,305 packets using Kismet, about 311MB of trace data, by randomly walking around a three-block neighbourhood for 12 trips over around four hours. These data only came from one single monitor. If tens or hundreds of monitors participate, it can easily get GB traces in one day. For instance, Jigsaw [16] collected 96GB of raw traces in one day using 192 radio monitors. We performed a statistical analysis of the packet types in our data [17]. We observed that half of the packets were beacons sent from access points, which simply announced their existence and were not related to their associated clients. Therefore, we filtered out this kind of packet. Secondly, to support efficient queries and post-forensics investigation, we store our network traces in a database.

The critical part of our system is post-investigation, which aims to answer the questions described in Section 3. As preliminary work for our system, we use MAC addresses as the unique identifiers of mobile devices and explore the device localization problem accordingly. We study and evaluate two localization algorithms: the weighted centroid algorithm [18] and the log-distance path loss modeling method [19].

The weighted centroid algorithm, as Equation 1 shows, estimates the location of the target device as the weighted sum of all locations where it was observed. In Equation 1, $p$ is the estimated location of the target device, $p_i$ is the $i$th location coordinate where the device is detected, and the weight $w_i$ is proportional to the signal strength received from the target device at the $i$th location.

$$p = \sum_i w_i p_i, \quad \left(w_i \propto s_i,\ \sum_i w_i = 1\right) \qquad (1)$$

The log-distance path loss modelling method describes that the average received signal strength decreases logarithmically with distance, whether in outdoor or indoor radio channels, as shown in Equation 2.

$$s_i = S - 10\gamma \log d_i + X_i \qquad (2)$$

[15] Tshark:
[16] Yu-Chung Cheng, Mikhail Afanasyev, Patrick Verkaik, Péter Benkö, Jennifer Chiang, Alex C. Snoeren, Stefan Savage, and Geoffrey M. Voelker. Automating cross-layer diagnosis of enterprise wireless networks. In SIGCOMM 07, pages 25-36, New York, NY, USA, ACM
[17] Yongjie Cai and Ping Ji. A measurement study for understanding wireless forensic monitoring. To appear on ICDFI,
[18] Yu-Chung Cheng, Yatin Chawathe, Anthony LaMarca, and John Krumm. Accuracy characterization for metropolitan-scale Wi-Fi localization. In Proceedings of the 3rd international conference on Mobile systems, applications, and services (MobiSys '05). ACM, New York, NY, USA, DOI= /
[19] Theodore Rappaport. Wireless Communications: Principles and Practice. Prentice Hall PTR, Upper Saddle River, NJ, USA, 2nd edition,

$s_i$ is the received signal strength from the target device at position $i$. $d_i$ is the physical distance from the target device with coordinates $\langle x, y \rangle$ to the monitor point with coordinates $\langle x_i, y_i \rangle$. The path loss exponent $\gamma$ indicates the loss rate of the received signal strength. $S$ is the signal strength from the device at a distance of one meter. To compensate for the random shadowing effects in radio propagation, $X_i$ is added as a zero-mean Gaussian distributed random variable with standard deviation $\sigma$.

Theoretically, we need four monitor points or traces to determine the four parameters $\langle S, \gamma, x, y \rangle$ of the target device in order to know the location coordinate $\langle x, y \rangle$. However, in practice, more than four sets of traces from the target device are collected, so we have to solve a set of over-determined equations. There are several solutions to this problem. For example, Krishna [20] proposed to find solutions that minimize the least mean absolute error of the equations. In our system, to simplify the implementation, we used the trust-region-reflective optimization approach [21] implemented in Matlab to minimize the least square error, which is defined in Equation 3.

$$J = \sum_i \left(s_i - S + 10\gamma \log d_i\right)^2 \qquad (3)$$

6. Experiments and System Prototype

We conduct experiments to explore the feasibility and evaluate the performance of our system in the testbed. Our testbed, shown in Figure 2, is a three-block metropolitan area of the upper-west side in NYC, which is around 260m*260m. We use a MacBook Pro laptop with an internal AirPort wireless card and a BU353 GPS receiver as a moving monitor point. Kismet, installed on the MacBook Pro, is configured to hop channels to cover the entire spectrum and log all received wireless packets. We walked around the testbed for 12 runs along the path of A-H or H-A in a week of April of We collected 362,305 packets around 311MB traces.

Figure 2. Testbed and Testing Path

[20] Krishna Chintalapudi, Anand Padmanabha Iyer, and Venkata N. Padmanabhan. Indoor localization without the pain. In Proceedings of the sixteenth annual international conference on Mobile computing and networking, MobiCom 10, pages , New York, NY, USA, ACM.
[21] lsqnonlin:
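The over-determined fit of Equations 2 and 3 in Section 5, as an added example that is not the authors' Matlab code: instead of the trust-region-reflective solver it fixes a candidate position, solves S and γ in closed form (the model is linear in both), and searches positions coarse-to-fine. The names `fit_s_gamma` and `locate`, the base-10 logarithm, the local metric coordinate frame and the noise-free sample data are assumptions made for this illustration.

```python
import math

# Constructed, noise-free observations (monitor_x_m, monitor_y_m, rss_dbm) in a
# local metric frame: device at (120, 80), S = -40 dBm at 1 m, gamma = 3.
MONITORS = [(0, 0), (260, 0), (260, 260), (0, 260), (130, 20), (60, 200)]
SAMPLES = [(mx, my, -40.0 - 10 * 3.0 * math.log10(math.hypot(120 - mx, 80 - my)))
           for mx, my in MONITORS]


def fit_s_gamma(samples, x, y):
    """Best S and gamma for one candidate position, plus the Equation 3 error J.

    With u_i = -10*log10(d_i), Equation 2 reads s_i = S + gamma*u_i, which is an
    ordinary least-squares line fit once (x, y) is fixed.
    """
    u = [-10.0 * math.log10(max(math.hypot(x - mx, y - my), 0.1))  # avoid log(0)
         for mx, my, _ in samples]
    s = [rss for _, _, rss in samples]
    n = len(samples)
    mean_u, mean_s = sum(u) / n, sum(s) / n
    var_u = sum((ui - mean_u) ** 2 for ui in u)
    if var_u < 1e-12:  # all monitors equally distant: gamma is not identifiable
        return math.inf, None, None
    gamma = sum((ui - mean_u) * (si - mean_s) for ui, si in zip(u, s)) / var_u
    S = mean_s - gamma * mean_u
    # s_i - S + 10*gamma*log10(d_i) == s_i - S - gamma*u_i
    J = sum((si - S - gamma * ui) ** 2 for ui, si in zip(u, s))
    return J, S, gamma


def locate(samples, step=10.0, margin=50.0, tol=0.01):
    """Estimate <S, gamma, x, y> by minimising J over candidate positions."""
    if len(samples) < 4:
        raise ValueError("at least four observations are needed for <S, gamma, x, y>")
    xs = [m[0] for m in samples]
    ys = [m[1] for m in samples]
    x_min, y_min = min(xs) - margin, min(ys) - margin
    nx = int((max(xs) + margin - x_min) / step) + 1
    ny = int((max(ys) + margin - y_min) / step) + 1

    # Coarse pass: evaluate J on a regular grid around the monitor points.
    best_j, best_x, best_y = math.inf, x_min, y_min
    for i in range(nx):
        for k in range(ny):
            cx, cy = x_min + i * step, y_min + k * step
            j = fit_s_gamma(samples, cx, cy)[0]
            if j < best_j:
                best_j, best_x, best_y = j, cx, cy

    # Fine pass: compass search, halving the step whenever no neighbour improves.
    for _ in range(10000):
        if step <= tol:
            break
        improved = False
        for dx in (-step, 0.0, step):
            for dy in (-step, 0.0, step):
                j = fit_s_gamma(samples, best_x + dx, best_y + dy)[0]
                if j < best_j:
                    best_j, best_x, best_y, improved = j, best_x + dx, best_y + dy, True
        if not improved:
            step /= 2.0

    _, S, gamma = fit_s_gamma(samples, best_x, best_y)
    return {"x": best_x, "y": best_y, "S": S, "gamma": gamma, "J": best_j}
```

Real traces carry the shadowing term X_i, so J will not reach zero and the residual per observation is a useful sanity check on how far to trust the estimate.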

After parsing .pcapdump files into readable text, we filter out the data payload of packets, extract packet header fields and dump them into the PACKET table. The fields include frame date and time, source address, destination address, BSSID, transmitter address, and receiver address of MAC, data length, channel frequency, received signal strength, noise strength, type and subtype of , source and destination address of IP, source and destination port of TCP and UDP. Notice that a packet doesn't include all the fields. For example, Acknowledgement and Clear-To-Send packets only contain the receiver MAC address and no other MAC address. One packet only has a source/destination port from either TCP or UDP. We can obtain neither TCP nor UDP information from encrypted packets. Furthermore, we extract .gpsxml files and dump them into the MAC_GPS table in our database. The MAC_GPS table contains date, time, source MAC address, signal, noise, latitude, longitude, altitude, fix, speed, heading. To speed up queries, we create indexes on the date fields in both tables.

For device localization, we chose to apply the simple but effective weighted centroid algorithm in our system. We further developed a simple web user interface to help investigators trace the devices they are interested in. As shown in Figure 5, an investigator can enter the date and time period of an event of interest, as well as the MAC address, IP, or BSSID of a device. SMoWF then pulls the records/packets related to that device from the database. It estimates the locations of the device every five minutes during that time window, shown in the second picture, and generates a KML file that tags the geo locations of the device in Google Earth, shown in the third picture. In this way, investigators can easily locate the device they are interested in.
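The query-and-localize step described above, as an added example that is not the SMoWF prototype's code: it applies Equation 1 per five-minute window to rows shaped like the MAC_GPS table and emits KML placemarks. The row layout, the function names, the sample rows, and the choice to turn dBm readings into linear-power weights are assumptions made for this illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone
from xml.sax.saxutils import escape

WINDOW = 300  # seconds: one location estimate every five minutes
FMT = "%Y-%m-%d %H:%M:%S"
MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}")

# Constructed rows shaped like MAC_GPS: (date time, source MAC, signal dBm, lat, lon)
ROWS = [
    ("2000-01-01 14:00:05", "00:11:22:33:44:55", -50, 40.77000, -73.98000),
    ("2000-01-01 14:01:40", "00:11:22:33:44:55", -50, 40.77020, -73.98000),
    ("2000-01-01 14:03:10", "00:11:22:33:44:55", -80, 40.77100, -73.97900),
    ("2000-01-01 14:06:30", "00:11:22:33:44:55", -60, 40.77200, -73.98100),
    ("2000-01-01 14:02:00", "66:77:88:99:AA:BB", -40, 40.76000, -73.99000),
]


def _epoch(text):
    return int(datetime.strptime(text, FMT).replace(tzinfo=timezone.utc).timestamp())


def weighted_centroid(obs):
    """Equation 1 over (signal_dbm, lat, lon) tuples.

    Assumption: dBm values are negative, so they are converted to linear power
    relative to the strongest reading before being normalised to sum to 1.
    """
    peak = max(dbm for dbm, _, _ in obs)
    weights = [10 ** ((dbm - peak) / 10) for dbm, _, _ in obs]
    total = sum(weights)
    lat = sum(w * o[1] for w, o in zip(weights, obs)) / total
    lon = sum(w * o[2] for w, o in zip(weights, obs)) / total
    return lat, lon


def track(rows, mac, start, end):
    """Return [(window_start_utc, lat, lon, n_observations)] for one device."""
    mac = mac.strip().lower()
    if not MAC_RE.fullmatch(mac):  # investigator input: reject anything malformed
        raise ValueError("not a MAC address: %r" % mac)
    t0, t1 = _epoch(start), _epoch(end)
    buckets = defaultdict(list)
    for when, src, dbm, lat, lon in rows:
        t = _epoch(when)
        if src.lower() != mac or not (t0 <= t < t1):
            continue
        if lat is None or lon is None:  # no GPS fix recorded for this packet
            continue
        buckets[t0 + (t - t0) // WINDOW * WINDOW].append((dbm, lat, lon))
    result = []
    for start_ts in sorted(buckets):
        lat, lon = weighted_centroid(buckets[start_ts])
        when = datetime.fromtimestamp(start_ts, timezone.utc)
        result.append((when, lat, lon, len(buckets[start_ts])))
    return result


def to_kml(mac, points):
    """One Placemark per window. KML coordinates are longitude,latitude."""
    marks = "".join(
        "<Placemark><name>%s</name><TimeStamp><when>%s</when></TimeStamp>"
        "<Point><coordinates>%.6f,%.6f</coordinates></Point></Placemark>"
        % (escape(mac), when.strftime("%Y-%m-%dT%H:%M:%SZ"), lon, lat)
        for when, lat, lon, _ in points
    )
    return ('<?xml version="1.0" encoding="UTF-8"?>'
            '<kml xmlns="http://www.opengis.net/kml/2.2"><Document>'
            + marks + "</Document></kml>")
```

In the first window the two strong readings dominate the weak one, so the estimate stays near them rather than at the plain average of the three positions.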

Figure 3. System Prototype

7. Conclusion

In this work, we outlined a wireless forensic monitoring system (SMoWF), which aims to establish a forensic database based on encrypted (or hashed) wireless trace digests, and to answer the following investigation questions:

1. Was a particular device involved in a given malicious network activity?
2. Can this device be uniquely identified by the logs?
3. Where was a particular device physically located during a given event?

We conducted research and experiments for the following tasks:

1. Design a network trace logging method that records the abstract of useful fields of network packets. Here only abstracts of packets are kept for privacy protection purposes.
2. Design a query/search system that allows users to conduct forensic analysis activities based on monitored traces.
3. Study and propose localization algorithms that can provide the location information of a given device.

Acknowledgments

This research is supported by the National Science Foundation under NSF grant CNS


More information

Wireless Tools. Training materials for wireless trainers

Wireless Tools. Training materials for wireless trainers Wireless Tools Training materials for wireless trainers This talk covers tools that will show you a great deal of information about wireless networks, including network discovery, data logging, security

More information

Unmatched RF Spectrum Analysis

Unmatched RF Spectrum Analysis Datasheet: AirMagnet Spectrum XT AirMagnet Spectrum XT is the industry s first professional spectrum analyzer solution that combines in-depth RF analysis with real-time WLAN information for quicker and

More information

Security in Wireless Local Area Network

Security in Wireless Local Area Network Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June

More information

Coordinated Sampling to Improve the Efficiency of Wireless Network Monitoring

Coordinated Sampling to Improve the Efficiency of Wireless Network Monitoring Coordinated Sampling to Improve the Efficiency of Wireless Network Monitoring Udayan Deshpande and David Kotz Institute for Security Technology Studies Dartmouth College Hanover, New Hampshire, 03755,

More information

Optimizing Wireless Networks.

Optimizing Wireless Networks. from the makers of inssider Optimizing Wireless Networks. Over the past few years, MetaGeek has created tools to help users optimize their wireless networks. MetaGeek s tools help visualize the physical

More information

United States Trustee Program s Wireless LAN Security Checklist

United States Trustee Program s Wireless LAN Security Checklist United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following

More information

Lab Exercise 802.11. Objective. Requirements. Step 1: Fetch a Trace

Lab Exercise 802.11. Objective. Requirements. Step 1: Fetch a Trace Lab Exercise 802.11 Objective To explore the physical layer, link layer, and management functions of 802.11. It is widely used to wireless connect mobile devices to the Internet, and covered in 4.4 of

More information

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure PwC Outline Wireless LAN Security: Attacks and Countermeasures 1. Introduction 2. Problems with 802.11 security 3. Attacks on and risks to Wireless Networks 4. Defending wireless networks ISACA Hong Kong

More information

Strategies to Protect Against Distributed Denial of Service (DD

Strategies to Protect Against Distributed Denial of Service (DD Strategies to Protect Against Distributed Denial of Service (DD Table of Contents Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks...1 Introduction...1 Understanding the Basics

More information

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science Security Measures taken in Securing Data Transmission on Wireless LAN 1 AGWU C. O., 2 ACHI I. I., AND 3 OKECHUKWU O. 1 Department of Computer Science Ebonyi State University Abakaliki 2 Department of Computer

More information

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK PACKET SNIFFING MS. SONALI A. KARALE 1, MS. PUNAM P. HARKUT 2 HVPM COET Amravati.

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information

NSC 93-2213-E-110-045

NSC 93-2213-E-110-045 NSC93-2213-E-110-045 2004 8 1 2005 731 94 830 Introduction 1 Nowadays the Internet has become an important part of people s daily life. People receive emails, surf the web sites, and chat with friends

More information

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection WHITE PAPER WEP Cloaking for Legacy TM Encryption Protection Introduction Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original IEEE 802.11 standard for Wireless Local Area

More information

A Research Study on Packet Sniffing Tool TCPDUMP

A Research Study on Packet Sniffing Tool TCPDUMP A Research Study on Packet Sniffing Tool TCPDUMP ANSHUL GUPTA SURESH GYAN VIHAR UNIVERSITY, INDIA ABSTRACT Packet sniffer is a technique of monitoring every packet that crosses the network. By using this

More information

Throughput Analysis of WEP Security in Ad Hoc Sensor Networks

Throughput Analysis of WEP Security in Ad Hoc Sensor Networks Throughput Analysis of WEP Security in Ad Hoc Sensor Networks Mohammad Saleh and Iyad Al Khatib iitc Stockholm, Sweden {mohsaleh, iyad}@iitc.se ABSTRACT This paper presents a performance investigation

More information

A Model-based Methodology for Developing Secure VoIP Systems

A Model-based Methodology for Developing Secure VoIP Systems A Model-based Methodology for Developing Secure VoIP Systems Juan C Pelaez, Ph. D. November 24, 200 VoIP overview What is VoIP? Why use VoIP? Strong effect on global communications VoIP will replace PSTN

More information

Detecting Threats in Network Security by Analyzing Network Packets using Wireshark

Detecting Threats in Network Security by Analyzing Network Packets using Wireshark 1 st International Conference of Recent Trends in Information and Communication Technologies Detecting Threats in Network Security by Analyzing Network Packets using Wireshark Abdulalem Ali *, Arafat Al-Dhaqm,

More information

Kali Linux Wireless Penetration Testing Essentials

Kali Linux Wireless Penetration Testing Essentials Fr Kali Linux is the most popular distribution dedicated to penetration testing that includes a set of free, open source tools. This book introduces you to wireless penetration testing and describes how

More information

Avaya WLAN Orchestration System

Avaya WLAN Orchestration System Avaya WLAN Orchestration System Overview The Avaya WLAN Orchestration System (WOS) is a wireless network management platform that provides full monitoring and management of the Avaya WLAN 9100 Series network

More information

Customized Data Exchange Gateway (DEG) for Automated File Exchange across Networks

Customized Data Exchange Gateway (DEG) for Automated File Exchange across Networks Customized Data Exchange Gateway (DEG) for Automated File Exchange across Networks *Abhishek Vora B. Lakshmi C.V. Srinivas National Remote Sensing Center (NRSC), Indian Space Research Organization (ISRO),

More information

Network Monitoring On Large Networks. Yao Chuan Han (TWCERT/CC) james@cert.org.tw

Network Monitoring On Large Networks. Yao Chuan Han (TWCERT/CC) james@cert.org.tw Network Monitoring On Large Networks Yao Chuan Han (TWCERT/CC) james@cert.org.tw 1 Introduction Related Studies Overview SNMP-based Monitoring Tools Packet-Sniffing Monitoring Tools Flow-based Monitoring

More information

REV: 0.1.1 (July 2011) McAfee Security: Intrusion Prevention System

REV: 0.1.1 (July 2011) McAfee Security: Intrusion Prevention System McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload

More information

Monitoring Traffic manager

Monitoring Traffic manager Monitoring Traffic manager eg Enterprise v6 Restricted Rights Legend The information contained in this document is confidential and subject to change without notice. No part of this document may be reproduced

More information

Universal Form-factor. Wi Fi Troubleshooting Made Easy

Universal Form-factor. Wi Fi Troubleshooting Made Easy AirMedic USB AirMedic USB is a powerful, easy-touse and affordable spectrum analysis tool that brings Wi-Fi troubleshooting to entry-level users. Built upon AirMagnet expertise in Wi-Fi troubleshooting,

More information

Implementing Network Monitoring Tools

Implementing Network Monitoring Tools Section 1 Network Systems Engineering Implementing Network Monitoring Tools V.C.Asiwe and P.S.Dowland Network Research Group, University of Plymouth, Plymouth, United Kingdom e-mail: info@network-research-group.org

More information

THE ROLE OF IDS & ADS IN NETWORK SECURITY

THE ROLE OF IDS & ADS IN NETWORK SECURITY THE ROLE OF IDS & ADS IN NETWORK SECURITY The Role of IDS & ADS in Network Security When it comes to security, most networks today are like an egg: hard on the outside, gooey in the middle. Once a hacker

More information

Site Survey and RF Design Validation

Site Survey and RF Design Validation CHAPTER 8 Site Survey Introduction In the realm of wireless networking, careful planning is essential to ensure that your wireless network performs in a manner that is consistent with Cisco s design and

More information

Network Traffic Analysis

Network Traffic Analysis 2013 Network Traffic Analysis Gerben Kleijn and Terence Nicholls 6/21/2013 Contents Introduction... 3 Lab 1 - Installing the Operating System (OS)... 3 Lab 2 Working with TCPDump... 4 Lab 3 - Installing

More information

Comparison of Wired and Wireless HPC Networking Methods

Comparison of Wired and Wireless HPC Networking Methods Comparison of Wired and Wireless HPC Networking Methods Wyatt Gorman wag2@geneseo.edu Table of Contents 1. Experiment Summary 2. Bandwidth 3. Latency 4. Power Usage 5. Scalability 6. Reliability 7. Cost

More information

VEHICLE TRACKING SYSTEM USING GPS. 1 Student, ME (IT) Pursuing, SCOE, Vadgaon, Pune. 2 Asst. Professor, SCOE, Vadgaon, Pune

VEHICLE TRACKING SYSTEM USING GPS. 1 Student, ME (IT) Pursuing, SCOE, Vadgaon, Pune. 2 Asst. Professor, SCOE, Vadgaon, Pune VEHICLE TRACKING SYSTEM USING GPS Pooja P. Dehankar 1, 1 Student, ME (IT) Pursuing, SCOE, Vadgaon, Pune Prof. S. P. Potdar 2 2 Asst. Professor, SCOE, Vadgaon, Pune Abstract- Global Positioning System is

More information

SOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013

SOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013 SOUTHERN POLYTECHNIC STATE UNIVERSITY Snort and Wireshark IT-6873 Lab Manual Exercises Lucas Varner and Trevor Lewis Fall 2013 This document contains instruction manuals for using the tools Wireshark and

More information

The Wireless Network Road Trip

The Wireless Network Road Trip The Wireless Network Road Trip The Association Process To begin, you need a network. This lecture uses the common logical topology seen in Figure 9-1. As you can see, multiple wireless clients are in

More information

Second-generation (GenII) honeypots

Second-generation (GenII) honeypots Second-generation (GenII) honeypots Bojan Zdrnja CompSci 725, University of Auckland, Oct 2004. b.zdrnja@auckland.ac.nz Abstract Honeypots are security resources which trap malicious activities, so they

More information

WLAN Positioning Technology White Paper

WLAN Positioning Technology White Paper WLAN Positioning Technology White Paper Issue 1.0 Date 2014-04-24 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any

More information

Wireless Network Analysis. Complete Network Monitoring and Analysis for 802.11a/b/g/n

Wireless Network Analysis. Complete Network Monitoring and Analysis for 802.11a/b/g/n Wireless Network Analysis Complete Network Monitoring and Analysis for 802.11a/b/g/n Comprehensive Wireless Network Management Made Simple From deploying access points to baselining activity to enforcing

More information

Designing, Securing and Monitoring 802.11a/b/g/n Wireless Networks

Designing, Securing and Monitoring 802.11a/b/g/n Wireless Networks Designing, Securing and Monitoring 802.11a/b/g/n Wireless Networks The importance of Wireless today Increasingly in the Corporate Environment, Wireless is becoming an enabling technology to facilitate

More information

Network Security: Workshop

Network Security: Workshop Network Security: Workshop Protocol Analyzer Network analysis is the process of capturing network traffic and inspecting it closely to determine what is happening on the network decodes,, or dissects,,

More information

INTRUSION DETECTION SYSTEM

INTRUSION DETECTION SYSTEM INTRUSION DETECTION SYSTEM INTRUSION DETECTION AND PREVENTION using SAX 2.0 and WIRESHARK Cain & Abel 4.9.35 Supervisor Dr. Akshai Kumar Aggarwal Director School of Computer Sciences University of Windsor

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd. Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised

More information

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge

More information

3. MONITORING AND TESTING THE ETHERNET NETWORK

3. MONITORING AND TESTING THE ETHERNET NETWORK 3. MONITORING AND TESTING THE ETHERNET NETWORK 3.1 Introduction The following parameters are covered by the Ethernet performance metrics: Latency (delay) the amount of time required for a frame to travel

More information

Hacking. Aims. Naming, Acronyms, etc. Sources

Hacking. Aims. Naming, Acronyms, etc. Sources Free Technology Workshop Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by Steven Gordon Bangkadi 3 rd floor IT Lab 10:30-13:30 Friday 18 July 2014 http://ict.siit.tu.ac.th/moodle/.-----.-----.-----..----.

More information

CS 5480/6480: Computer Networks Spring 2012 Homework 4 Solutions Due by 1:25 PM on April 11 th 2012

CS 5480/6480: Computer Networks Spring 2012 Homework 4 Solutions Due by 1:25 PM on April 11 th 2012 CS 5480/6480: Computer Networks Spring 2012 Homework 4 Solutions Due by 1:25 PM on April 11 th 2012 Important: The solutions to the homework problems from the course book have been provided by the authors.

More information

Network Security Monitoring

Network Security Monitoring CEENET/GEANT Security Workshop Sofia, 2014 Network Security Monitoring An Introduction to the world of Intrusion Detection Systems Irvin Homem irvin@dsv.su.se Stockholm University Who am I? Of Indian and

More information

Network Forensics: Log Analysis

Network Forensics: Log Analysis Network Forensics: Analysis Richard Baskerville Agenda P Terms & -based Tracing P Application Layer Analysis P Lower Layer Analysis Georgia State University 1 2 Two Important Terms PPromiscuous Mode

More information

AirMagnet Spectrum XT

AirMagnet Spectrum XT AirMagnet Spectrum XT AirMagnet Spectrum XT is the industry s first professional spectrum analyzer solution that combines in-depth RF analysis with real-time WLAN information for quicker and more accurate

More information

A Novel Distributed Denial of Service (DDoS) Attacks Discriminating Detection in Flash Crowds

A Novel Distributed Denial of Service (DDoS) Attacks Discriminating Detection in Flash Crowds International Journal of Research Studies in Science, Engineering and Technology Volume 1, Issue 9, December 2014, PP 139-143 ISSN 2349-4751 (Print) & ISSN 2349-476X (Online) A Novel Distributed Denial

More information

A Location-Based Management System for Enterprise Wireless LANs

A Location-Based Management System for Enterprise Wireless LANs A Location-Based Management System for Enterprise Wireless LANs Ranveer Chandra, Jitendra Padhye, Alec Wolman, Brian Zill Microsoft Research Abstract: The physical locations of clients and access points

More information

WI-FI Security by using Proxy server

WI-FI Security by using Proxy server WI-FI Security by using Proxy server Promila 1, Dr.R.S.Chhillar 2 1, 2 Department of Computer Science and Application, M. D. U. Rohtak, India Abstract: With the whole world going mobile, data security

More information

CS6956: Wireless and Mobile Networks Lecture Notes: 2/11/2015. IEEE 802.11 Wireless Local Area Networks (WLANs)

CS6956: Wireless and Mobile Networks Lecture Notes: 2/11/2015. IEEE 802.11 Wireless Local Area Networks (WLANs) CS6956: Wireless and Mobile Networks Lecture Notes: //05 IEEE 80. Wireless Local Area Networks (WLANs) CSMA/CD Carrier Sense Multi Access/Collision Detection detects collision and retransmits, no acknowledgement,

More information

ROGUE ACCESS POINT DETECTION: AUTOMATICALLY DETECT AND MANAGE WIRELESS THREATS TO YOUR NETWORK

ROGUE ACCESS POINT DETECTION: AUTOMATICALLY DETECT AND MANAGE WIRELESS THREATS TO YOUR NETWORK ROGUE ACCESS POINT DETECTION: AUTOMATICALLY DETECT AND MANAGE WIRELESS THREATS TO YOUR NETWORK The Rogue Access Point Problem One of the most challenging security concerns for IT managers today is the

More information

9 Simple steps to secure your Wi-Fi Network.

9 Simple steps to secure your Wi-Fi Network. 9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password

More information

Outline. Outline. Outline

Outline. Outline. Outline Network Forensics: Network Prefix Scott Hand September 30 th, 2011 1 What is network forensics? 2 What areas will we focus on today? Basics Some Techniques What is it? OS fingerprinting aims to gather

More information

Wireless Security: Secure and Public Networks Kory Kirk

Wireless Security: Secure and Public Networks Kory Kirk Wireless Security: Secure and Public Networks Kory Kirk Villanova University Computer Science kory.kirk@villanova.edu www.korykirk.com/ Abstract Due to the increasing amount of wireless access points that

More information

Enterprise IT Solutions (Hardware, Software, Services) Shared Services and Outsourcing Technology Products Distribution and Trading

Enterprise IT Solutions (Hardware, Software, Services) Shared Services and Outsourcing Technology Products Distribution and Trading Enterprise IT Solutions (Hardware, Software, Services) Shared Services and Outsourcing Technology Products Distribution and Trading Enterprise Solution Professionals on Information and Network E-SPIN carry

More information

DDoS Protection Technology White Paper

DDoS Protection Technology White Paper DDoS Protection Technology White Paper Keywords: DDoS attack, DDoS protection, traffic learning, threshold adjustment, detection and protection Abstract: This white paper describes the classification of

More information

CSE331: Introduction to Networks and Security. Lecture 6 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 6 Fall 2006 CSE331: Introduction to Networks and Security Lecture 6 Fall 2006 Open Systems Interconnection (OSI) End Host Application Reference model not actual implementation. Transmits messages (e.g. FTP or HTTP)

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

An Evaluation of Machine Learning Method for Intrusion Detection System Using LOF on Jubatus

An Evaluation of Machine Learning Method for Intrusion Detection System Using LOF on Jubatus An Evaluation of Machine Learning Method for Intrusion Detection System Using LOF on Jubatus Tadashi Ogino* Okinawa National College of Technology, Okinawa, Japan. * Corresponding author. Email: ogino@okinawa-ct.ac.jp

More information

642 552 Securing Cisco Network Devices (SND)

642 552 Securing Cisco Network Devices (SND) 642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,

More information

Network Monitoring and Forensics

Network Monitoring and Forensics Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320 088X IJCSMC, Vol. 2, Issue.

More information

Network Instruments white paper

Network Instruments white paper Network Instruments white paper USING A NETWORK ANALYZER AS A SECURITY TOOL Network Analyzers are designed to watch the network, identify issues and alert administrators of problem scenarios. These features

More information

Building Secure Network Infrastructure For LANs

Building Secure Network Infrastructure For LANs Building Secure Network Infrastructure For LANs Yeung, K., Hau; and Leung, T., Chuen Abstract This paper discusses the building of secure network infrastructure for local area networks. It first gives

More information

EAGLE EYE Wi-Fi. 1. Introduction

EAGLE EYE Wi-Fi. 1. Introduction 1. Introduction Internet access has become very popular by the emergence of broadband services, and busy yet unregulated Internet traffic causes challenges to administration and management. When it comes

More information

Antler: A Multi-Tiered Approach to Automated Wireless Network Management

Antler: A Multi-Tiered Approach to Automated Wireless Network Management Antler: A Multi-Tiered Approach to Automated Wireless Network Management Ramya Raghavendra, Prashanth Aravinda Kumar Acharya, Elizabeth M. Belding, Kevin C. Almeroth Department of Computer Science, University

More information

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks

More information

Observer Analyzer Provides In-Depth Management

Observer Analyzer Provides In-Depth Management Comprehensive Wireless Network Management Made Simple From deploying access points to baselining activity to enforcing corporate security policies, the Observer Performance Management Platform is a complete,

More information

Citrix Application Streaming. Universal Application Packaging and Delivery Breaking Away from Traditional IT

Citrix Application Streaming. Universal Application Packaging and Delivery Breaking Away from Traditional IT Citrix Application Streaming Universal Application Packaging and Delivery Breaking Away from Traditional IT Application Packaging Application Delivery to Endpoint Devices Application Isolation Mode Automatic

More information

VXLAN: Scaling Data Center Capacity. White Paper

VXLAN: Scaling Data Center Capacity. White Paper VXLAN: Scaling Data Center Capacity White Paper Virtual Extensible LAN (VXLAN) Overview This document provides an overview of how VXLAN works. It also provides criteria to help determine when and where

More information

DDoS Vulnerability Analysis of Bittorrent Protocol

DDoS Vulnerability Analysis of Bittorrent Protocol DDoS Vulnerability Analysis of Bittorrent Protocol Ka Cheung Sia kcsia@cs.ucla.edu Abstract Bittorrent (BT) traffic had been reported to contribute to 3% of the Internet traffic nowadays and the number

More information

Detecting MAC Layer Misbehavior in Wi-Fi Networks by Co-ordinated Sampling of Network Monitoring

Detecting MAC Layer Misbehavior in Wi-Fi Networks by Co-ordinated Sampling of Network Monitoring Detecting MAC Layer Misbehavior in Wi-Fi Networks by Co-ordinated Sampling of Network Monitoring G. Premkumar 1, C.V inoth 2, R. Srinivasan 3 Dept. of IT, PSV College of Engineering and Technology, Krishnagri,

More information