Role of Cross Layer Based Intrusion Detection System for Wireless Domain ()
1. Introduction
A Wireless Local Area Network (WLAN) is a flexible data communications system implemented as an extension to or as an alternative for, a wired LAN. Using radio frequency (RF) technology, wireless LANs transmit and receive data over the air, minimizing the need for wired connections. Wireless LANs frequently augment rather than replace wired LAN networks often providing the final few meters of connectivity between a wired network and the mobile user.
At its simplest form, wireless LAN technology, lets computers to communicate with the rest of a local area network via radio signals rather than over wires. There are two key components. First is the access point, or AP, which is the last wired stop on your network. Connected to the rest of the network via Ethernet cable, the AP translates the wired network traffic into radio signals and transmits it out. The signals are picked up by laptops or desktops with either removable or permanently embedded wireless-network interface cards. Figure 1 shows architecture of wireless LAN and Figure 2 shows functioning of wireless LAN.
1.1. Need of Wireless Network Security
The fundamentals of wireless security are largely similar to those of the wired Internet, wireless data networks present a more constrained communication environment compared to wired networks. Because of fundamental limitations of power, available spectrum and mobility, wireless data networks tend to have less bandwidth, more latency, less connection stability, and less predictable availability. Similarly, handheld wireless devices tend to have limited battery life, less powerful CPUs, restricted power consumption, smaller displays, and different input presenting a more constrained computing environment compared to desktop computers.
With a WLAN, transmitted data is broadcast over the air using radio waves. This means that any WLAN client within an access point (AP) service area can receive data transmitted to or from the access point. Because radio waves travel through ceilings, floors, and walls data may hence easily reach unintended recipients. Tools like Ethereal; AirSnort can easily be used to passively collect data of any Client within the broadcast range. Users have no way of knowing if they are connecting to rogue access point set-up as part of a man-in-the-middle attack.
WLAN security, involves concern in three separate issues:
· Authentication.
· User Privacy.
· Authorization.
Figure 3 shows the wireless security issues and Figure 4