Aiming at wireless network attacks such as DoS attacks,rouge STA, rouge AP,WarDriving attacks and bruteforce attacks, a Lightweight Intrusion Detection System for WLAN is implemented by combining the misuse detection and anomaly detection. In this system,the user can define attack rule set, authorization AP/STA list, illegal AP/STA list, and the sensitivity and the threshold value of detection can adjust according to the circumstance and user requirement. The test shows that this system has a better detecting effect than other WLAN intrusion detection in market.%针对当前流行的无线拒绝服务DoS、伪装STA、伪装AP、WarDriving、暴力破解等无线网络攻击,采用误用检测和异常检测结合的方式,设计并实现了一个针对无线局域网的轻量级无线网络入侵检测系统.系统采用用户自定义攻击规则库、自定义授权AP/STA名单、自定义非法AP/STA名单等方式,能针对无线网络具体环境和用户的不同需要,合理调整入侵检测灵敏度和攻击检测阈值.仿真试验表明,与市场上同类系统相比较,本系统能有效提高无线网络入侵检测效率,大大降低误报率和漏报率.
展开▼
