Technology identifies invisible intruders on wireless LANs

System is a window into an invisible world

Groundbreaking research undertaken by the Queensland University of Technology has led to the creation of systems that can detect invisible intruders on wireless local area networks.

QUT Information Security Institute co-researcher Dr Jason Smith said he and a colleague had invented an effective system to detect unwanted presence on wireless networks.

"Unlike a building, there are no clearly defined boundaries to wireless networks. The perimeter of a network is defined by the quality of the receiving antenna," Dr Smith said.

"Intruders can easily gain access to wireless networks by either eavesdropping on unencrypted networks or actively hijacking computer sessions when a legitimate user logged onto the network leaves the connection."

Dr Smith said the system was a window into an invisible world that let network administrators see whether unexpected or undesirable things had occurred on their networks.

"We've created a series of monitoring techniques that when used together can effectively watch for both attackers and configuration mistakes in devices on the network," he said.

"The monitor is independent of the network, yet uses information accumulated by the network. This makes the system cheap and easy for businesses to incorporate.

"The strength of the signal travelling in a wireless network and the round trip time of the signal are both monitored because they will change if an intruder enters the network.

"Separately monitoring the signal and round trip time is unreliable, but correlating them against each other makes the system accurate."

Dr Smith said when an intruder was detected a number of steps could then be taken.

"Depending on how sensitive the network is, armed security guards could be deployed, or the wireless network may be turned off. The security protection might alter to avert the intrusion or the intruder may simply be monitored to see what they get up to," he said.

"Another application is to use the monitoring to search for security vulnerabilities in devices legitimately connected to the network. When a compromising security configuration is detected, the mistake could be corrected."

Dr Smith said he created the system with PhD researcher Rupinder Gill, who was now employed by a wireless network vendor in the US to create security products.

He said the valuable commodity at greatest risk on local area networks was information.

Join the newsletter!

Error: Please check your email address.

More about AvertQueensland University of TechnologyQueensland University of Technology

Show Comments

Market Place