THE THREAT-VICTIM TABLE - A Security Prioritisation Framework For Diverse WLAN Network Topographies

Jonny Milliken, Alan Marshall

Abstract

At present there is no common means for establishing the security performance of wireless local area networks (WLANs) against threats. Furthermore, there has been little investigation into whether security performance is reliant on network topography. Consequently this paper advocates that for a range of WLAN infrastructure topographies (home, enterprise & open-access) there can be significant diversity in terms of resources, equipment, users and most importantly security, which can in turn influence attack detection performance. In order to demonstrate these detection differences, a novel framework for evaluating network security performance (the Threat-Victim Table) is developed. This framework is applied to a range of WLAN topographies using an open source (Kismet) Wireless Intrusion Detection System. Three Kismet components are utilised; client, server and drone, to represent typical IDS deployment configurations for these topographies. Analysis of the security capability of Kismet is derived as an example of this framework, for qualifying network security performance against security threats and also to assess the priority level of these vulnerabilities.

References

  1. BBC Watchdog, 2009. Is your Wifi Secure? BBC Online, [online] 29 October. Available at http:// www.bbc.co.uk/blogs/watchdog/2009/10/wifi_hot_spo ts_not_secure.html [accessed 30 October 2009]
  2. Crainicu, B., 2008. Wireless LAN Security Mechanisms at the Enterprise and Home Level. Novel Algorithms and Techniques in Telecommunications, Automation and Industrial Electronics, pp. 306-310
  3. Gill, R., et al, 2006. Specification-Based Intrusion Detection in WLANs. 22nd Annual Computer Security Applications Conference (ACSAC'06).
  4. Hernan, S et al, 2007. Uncover Security Design Flaws Using The STRIDE Approach[online]. Available at http://msdn.microsoft.com/en/gb/magazine/cc163519. aspx
  5. Ibrahim, T., et al, 2008. Assessing the challenges of Intrusion Detection Systems,Available at: http:// www.intrusiononline.net/ docs/cisnrAC_IDS.pdf [Accessed 15 November 2009]
  6. Kershaw, M., 2010. Kismet [online]. Available at: http:// www.kismetwireless.net/
  7. Microsoft SDL Blog. 2007. STRIDE Chart. [online]. Available at http://blogs.msdn.com/sdl/archive/ 2007/09/11/ stride-chart.aspx
  8. Microsoft Windows Help. 2007. Choosing a Network Location. [online]. Available at http://windows. microsoft.com/en-us/windows-vista/Choosing-anetwork-location
  9. Ref, 2009. Removed
  10. Mirkovic, J., Reiher, P., 2004. A Taxonomy of DDoS Attack and DDoS Defence Mechanisms. ACM SIGCOMM Computer Communication Review (34/2) pp.39-53
  11. Prasad, N. R., 2007. Threat Model Framework and Methodology for Personal Networks (PNs). In Communication Systems Software and Middleware, 2007 (COMSWARE 2007).
  12. Snort IDS, 2010. [online] Available at: http:// www.snort.org/
  13. Thamilarasu, G., Sridhar, R., 2007. Exploring Cross-layer techniques for Security: Challenges and Opportunities in Wireless Networks. In MILCOM 2007.
  14. Turab, N., Moldoveanu, F., 2009. A Comparison Between Wireless LAN Security Protocols. [online] University Politehnica of Bucharest. Available at: http://www. scientificbulletin.upb.ro/rev_docs/arhiva/full7970.pdf
Download


Paper Citation


in Harvard Style

Milliken J. and Marshall A. (2010). THE THREAT-VICTIM TABLE - A Security Prioritisation Framework For Diverse WLAN Network Topographies . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010) ISBN 978-989-8425-18-8, pages 37-42. DOI: 10.5220/0002935400370042


in Bibtex Style

@conference{secrypt10,
author={Jonny Milliken and Alan Marshall},
title={THE THREAT-VICTIM TABLE - A Security Prioritisation Framework For Diverse WLAN Network Topographies},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)},
year={2010},
pages={37-42},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002935400370042},
isbn={978-989-8425-18-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
TI - THE THREAT-VICTIM TABLE - A Security Prioritisation Framework For Diverse WLAN Network Topographies
SN - 978-989-8425-18-8
AU - Milliken J.
AU - Marshall A.
PY - 2010
SP - 37
EP - 42
DO - 10.5220/0002935400370042