分布式无线局域网安全探测器的设计与实现  

Detector of the WLAN security and management distributed system

在线阅读下载全文

作  者:王海峰[1] 舒明雷[1] 吕家亮[1] 陈静[1] 李国栋[1] 李春杰[1] 

机构地区:[1]山东省计算中心,济南250014

出  处:《仪器仪表学报》2008年第9期1939-1944,共6页Chinese Journal of Scientific Instrument

摘  要:由于无线网络很容易受到攻击,针对无线攻击的特殊性,目前三层式架构的分布式无线网络安全管理系统可以有效地完成大部分无线局域网安全检测任务。系统中的无线局域网安全探测器负责实时检测无线网络安全并与上层服务器通信。本文设计并实现了具有入侵检测和防御功能的无线网络安全探测器。安全探测器硬件基于Intel PXA255嵌入式处理器开发,运行软件snort-wireless软件在Linux2.4.20环境下运行,可以实现WLAN接入、安全检测及阻断非法设备功能。测试结果表明,该安全探测器的无线接入功能在传输速率和传输距离方面达到甚至高于商业AP(access point)产品,可以对网络的安全性,性能和稳定性实施7×24小时的监控,分析全部的本地无线网传输,显示网络内全部会话和全部设备,实时发现识别多种的安全和性能问题,集中相关事件综合分析可以简单的发现隐藏的问题,找到问题的根源,并自动阻断入侵的威胁。Aiming at the particularity of wireless with detectors has been widely used in wireless LAN attacks, the WLAN Security and network. The detector affords the fun Management Distributed System ctions including WLAN access, intrusion detections, attack orientation and attack interdiction by collecting and analyzing every wireless packet, device in net, and conversation for security and performance problems. This detector hardware was based on Intel PXA255 embedded processor and the software was adopted snort-wireless in Linux. It combines the advantages of long distance and high velocity of wireless LAN access and the ability to detect and defend WLAN attacks and communicate with servers. Testing results demonstrate that the detector can afford the WLAN access function and also offer active, fulltime protection against tens of other wireless threats including wireless vulnerabilities, Denial-of Service attacks, MAC spoofing, fragmentation attacks, evil twins, unapproved connections and scores of wireless hacking.

关 键 词:无线局域网 安全探测器 入侵检测 snort—wireless 

分 类 号:TN92[电子电信—通信与信息系统]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象