asdf - PowerPoint PPT Presentation

About This Presentation
Title:

asdf

Description:

Intrusion Detection and Forensics for Self-defending Wireless Networks Yan Chen, Northwestern University Tel. (847) 491-4946, E-Mail: ychen_at_northwestern.edu – PowerPoint PPT presentation


Transcript and Presenter's Notes

Title: asdf


Intrusion Detection and Forensics for
Self-defending Wireless Networks Yan Chen,
Northwestern University Tel. (847) 491-4946,
E-Mail ychen_at_northwestern.edu
  • Objectives
  • Proactively secure wireless networks by
    searching for unknown protocol vulnerabilities,
    especially in security protocols such as the
    Extensible Authentication Protocol (EAP).
  • Design defense schemes for the vulnerabilities
    discovered.
  • Forensics and situation-aware analysis for
    botnets, in particular for large-scale
    botnet probes in which a collection of remote
    hosts together probes the address space
    monitored by a sensor in some coordinated
    fashion.

Objective
Vulnerability analysis of various wireless
network protocols.
  • Scientific/Technical Approach
  • Reveal a serious vulnerability in the exception
    handling of most wireless security and
    communication protocols by demonstrating an
    exception-triggered attack.
  • Design countermeasures to detect such
    attacks and protocol improvements to
    prevent them.
  • Draw upon extensive honeynet data to explore the
    properties of different types of scanning, such
    as trend, uniformity, coordination, and darknet
    avoidance.
  • Design schemes to extrapolate the global
    properties of the scanning events (e.g., total
    population and target scope) as inferred from the
    limited local view of a honeynet.
  • Accomplishments
  • Found exception-triggered denial-of-service (DoS)
    attacks in various wireless network security
    protocols, including variants of EAP and mobile
    IPv6.
  • Conducted real-world experiments to evaluate the
    efficiency and effectiveness of the attacks and
    defenses.
  • Designed schemes to infer the properties
    (including extrapolated global ones) of botnet
    probing events.
  • Challenges
  • Network protocols are too numerous and often
    ambiguous for vulnerability analysis.
  • Inferring botnet global properties from a limited
    local view.