Introduction to Wireless Intrusion Detection Systems

The IDS (Intrusion Detection System) is a common means of protecting networked systems from attack or malicious misuse. The development and rollout of an IDS can take many different forms in terms of equipment, protocols, connectivity, cost and automation. This is particularly true of WIDS (Wireless Intrusion Detection Systems) which have many more opportunities and challenges associated with data transmission through an open, shared medium. <br/>The operation of a WIDS is a multistep process from origination of an attack through to human readable evaluation. Attention to the performance of each of the processes in the chain from attack detection to evaluation is imperative if an optimum solution is to be sought. At present, research focuses very much on each discrete aspect of a WIDS with little consideration to the operation of the whole system. Taking a holistic view of the technology shows the interconnectivity and inter-dependence between stages, leading to improvements and novel research areas for investigation.<br/>This chapter will outline the general structure of Wireless Intrusion Detection Systems and briefly describe the functions of each development stage, categorised into the following 6 areas: <br/>• Threat Identification,<br/>• Architecture,<br/>• Data Collection,<br/>• Intrusion Detection,<br/>• Alert Correlation,<br/>• Evaluation.<br/>These topics will be considered in broad terms designed for those new to the area. Focus will be placed on ensuring the readers are aware of the impact of choices made at early stages in WIDS development on future stages.<br/>