Researches on Intrusion Detection Technology in Public Wireless Local Area Network
|School||Nanjing University of Technology|
|Keywords||Public wireless LAN Access Controller Mobile Agent Intrusion Detection Artificial Immune|
Public wireless LAN (PWLAN) is the integration of wireless local area network (WLAN) and cellular network (GSM / GPRS) technology, high efficiency, high security wireless broadband access. This article as part of the National 863 Project public wireless LAN security system and applied research the PWLAN environment intrusion detection technology was studied. The first part of the paper, the wireless LAN network and security technologies are analyzed, described the main problems of intrusion detection technology in the important role of public wireless LAN security architecture and the current intrusion detection technology exists. The second part of the intrusion detection technology based on artificial immune theory. In the working mechanism of the biological immune system, as well as the theory of artificial immune algorithm based on artificial immune intrusion detection model based on mobile agent. The model uses negative selection, immune memory, clone selection and co-stimulatory artificial immune algorithm simulation, the working mechanism of the organism's immune system and intrusion detection and lightweight, environmental adaptability. The third part PWLAN environment artificial immune intrusion detection system based on mobile agents. Such as Aglet mobile agent platform, Java encryption technology, the Winpcap network packet capture technology specific implementation technology. Intrusion detection system that contains part of the mobile agent platform, information-gathering components, detection agents, news agents, decision-making agents and management components. Further on its own security mechanisms are based on the use of mobile agent platform, AES, RSA authentication and encryption technology to achieve a secure communication between mobile agents. The system will detect the model embedded in the mobile agent distributed defense mechanism, the through simulation immune system lymphocytes lymphatic and blood circulation, to achieve a comprehensive analysis capabilities, environmental adaptability, as well as efficient management, lightweight Distributed Intrusion Detection System, and reliable operation of the in PWLAN experimental platform. The fourth part of the MIT Lincoln Laboratory evaluation of intrusion detection system (DARPA IDE) database system performance testing. Immune learning through the database in the first week of 64,296 normal packet, the second week in attack mode detection rate reached 85%. Experimental results show the effectiveness of the proposed intrusion detection system, to achieve the desired objectives, and by the National 863 expert group acceptance.