A wireless IDS (WIDS) is specifically made to monitor wireless networks. A WIDS analyzes user and system activities, detects abnormal network activity, and detects policy violations for WLANs. It also watches all local wireless transmissions for known signatures of malicious content. In this assignment, you will research WIDS and record your findings in a report.
- Review the information on WIDSs in your textbook Penetration Testing: Network and Perimeter Testing.
- Using scholarly resources, research WIDSs. Cite your sources using APA format.
- Create a 2- to 3-page report, based on your research, explaining how WIDS works and their major advantages and disadvantages.
An Intrusion Detection System (IDS) can be either hardware or software used to protect networked systems from misuse or to detect unauthorized access to a network. Developing and rolling out an IDS takes different forms when it comes to protocols, equipment, cost, connectivity, and automation (Pleskonjic, 2003). Wireless Intrusion Detection Systems (WIDS) face more opportunities as well as challenges because data is transmitted through an open, shared medium. The WIDS performs the task of detection on the wireless network. An attack in the operation of a WIDS comes from the human-readable evaluation. The operation of a WIDS is a multistep process.
The attacks that the WIDS is vulnerable to include unauthorized APs. These are useless APs that are set up to steal login credentials and data from an organization (Geer & Harthorne, 2002). The second attack is flooding, which is an attempt to flood the AP with associations. The third type of attack is wardriving, in which probe requests are sent that do not have the ESSID field set. The WIDS is made up of the sensor, the agent, the server, the console, and the management and reporting tools. These components help the WIDS accomplish the goal of intrusion detection and protection. The nature of wireless LANs (WLANs) makes it difficult to control the access areas.
The WIDS is related to components such as network management tools, antivirus software, firewall software and devices, and other security-related tools. The primary importance of the WIDS is to help define what an attack and an intrusion are (the "axioms" scope). Second, it is used to determine the mechanisms of a conclusion (the "theorems" used). Third, it makes a system that is efficient in defending a wireless network. Fourth, it is used as a system for anticipation and self-learning. That means that even if the order made is not completely intelligent, there is a way to accept some of the weaker decision points so that the system remains functional. Fifth, the WIDS monitors traffic on the network by searching for and logging threats and alerting personnel to respond, using either anomaly-based or signature-based detection.
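As an added example (not part of the original report), here are the signature-based checks a WIDS server might run for the three attacks named above: an unauthorized AP, an association flood, and probe requests with no ESSID. The frame records, allow-list, and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

AUTHORIZED = {"CorpNet": {"aa:bb:cc:00:00:01"}}  # constructed allow-list: SSID -> BSSIDs
FLOOD_LIMIT, FLOOD_WINDOW = 5, 1.0   # assumed: more than 5 association requests per second
PROBE_LIMIT = 3                      # assumed: more than 3 empty-ESSID probes per source

def detect(frames):
    """Return a list of (timestamp, alert_type, subject) for the given frame records."""
    alerts, seen = [], set()
    assoc = defaultdict(deque)       # BSSID -> timestamps of recent association requests
    probes = defaultdict(int)        # source MAC -> count of empty-ESSID probes

    def alert(ts, kind, subject):
        if (kind, subject) not in seen:   # one alert per subject, not one per frame
            seen.add((kind, subject))
            alerts.append((ts, kind, subject))

    for f in sorted(frames, key=lambda f: f["ts"]):
        if f["type"] == "beacon":
            allowed = AUTHORIZED.get(f["ssid"])
            # An organization SSID announced by a BSSID that is not on the allow-list.
            if allowed is not None and f["bssid"] not in allowed:
                alert(f["ts"], "unauthorized_ap", f["bssid"])
        elif f["type"] == "assoc_req":
            q = assoc[f["bssid"]]
            q.append(f["ts"])
            while f["ts"] - q[0] > FLOOD_WINDOW:   # slide the time window
                q.popleft()
            if len(q) > FLOOD_LIMIT:
                alert(f["ts"], "association_flood", f["bssid"])
        elif f["type"] == "probe_req" and f["ssid"] == "":
            # Wildcard probes also occur in normal client scanning, hence the threshold.
            probes[f["src"]] += 1
            if probes[f["src"]] > PROBE_LIMIT:
                alert(f["ts"], "empty_essid_probes", f["src"])
    return alerts

# Constructed sample capture (not real traffic).
SAMPLE = (
    [{"ts": 0.0, "type": "beacon", "src": "aa:bb:cc:00:00:01", "bssid": "aa:bb:cc:00:00:01", "ssid": "CorpNet"},
     {"ts": 0.1, "type": "beacon", "src": "de:ad:be:ef:00:99", "bssid": "de:ad:be:ef:00:99", "ssid": "CorpNet"}]
    + [{"ts": 2.0 + i * 0.05, "type": "assoc_req", "src": f"02:00:00:00:00:{i:02x}",
        "bssid": "aa:bb:cc:00:00:01", "ssid": "CorpNet"} for i in range(8)]
    + [{"ts": 5.0 + i, "type": "probe_req", "src": "02:11:22:33:44:55",
        "bssid": "ff:ff:ff:ff:ff:ff", "ssid": ""} for i in range(5)]
)

if __name__ == "__main__":
    for a in detect(SAMPLE):
        print(a)
```

In a deployment the sensors would supply these records from captured management frames, and the console would present the resulting alerts to personnel.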
The only disadvantage of the WIDS is that the traditional ones do very little for the wireless world. They are prone to the attacks listed above, so the medium must always be protected (Shourbaji & AlAmeer, 2013). Since it can be challenging to control the areas of access where there is a WLAN, there could be limited control of the physical boundaries of an organization. The attacker can sit in a building or car that is some miles away in an attempt to penetrate the network. Therefore, coming up with an up-to-date WIDS is a great way to minimize such problems.
Generally, as with most new technologies, wireless has its advantages and disadvantages. The WIDS plays a significant role in ensuring that the vulnerabilities are well taken care of by protecting the wireless network from attacks. Wireless systems should have policies that help protect them from attacks. For example, the policies should address who gets to access the network and who is responsible for the wireless network. There should also be a risk assessment plan that determines the threats and vulnerabilities associated with the WLAN.
Pleskonjic, D. (2003, December). Wireless intrusion detection systems (WIDS). In 19th Annual Computer Security Applications Conference.
Shourbaji, I. A., & AlAmeer, R. (2013). Wireless intrusion detection systems (WIDS). arXiv preprint arXiv:1302.6274.
Geer, D., & Harthorne, J. (2002, December). Penetration testing: A duet. In 18th Annual Computer Security Applications Conference, 2002. Proceedings. (pp. 185-195). IEEE.