Journal of Computing Research and Innovation (Nov 2019)

Monitoring and Evaluating Open Wireless LAN using Hybrid IDS

  • Mohd Nizam Osman,
  • Mohd Mirza Abdul Malik,
  • Mushahadah Maghribi

Journal volume & issue
Vol. 4, no. 2
pp. 60 – 67

Abstract

Read online

In this ever-growing wireless technology era, the number of Open Wireless Local Area Network (WLAN) are on the rise. From cafes to shopping areas, most of them offer users with a free-to-use WLAN which popularly known as Open Wi-Fi or Wi-Fi Hotspots. Although it is a convenient for them to access the Internet at these places, later they know it also makes them a vulnerable target for attackers that might be lurking in the same network they are connected. Therefore, a Hybrid IDS that combines both SNORT, a network-based IDS (NIDS) and OSSEC, a host-based IDS (HIDS) was developed to curb the problem. NIDS was used to monitor network traffics while HIDS monitor user’s system for any suspicious activities. Then, a system that can control and manage both IDS in the much easier and simpler way was developed using Python programming language. The system then can generate alerts with the help of both IDS to notify users for any suspicious activities that might occur in the network or user’s system. Several attacks were launched from the attacker’s laptop to test whether Hybrid IDS can generate alerts to notify the victim. As a result, the system breeze through the testing phase by showing necessary output. All the results were taken and then compared with other scenarios to determine whether they can give the same results as Hybrid IDS. From the comparison results, it can be said that Hybrid IDS can give the extra protection layer towards Open Wi-Fi users. Therefore, the Hybrid IDS was proven to provide vast tracking detection for suspicious activity in the network environments by monitor and alert the users about malicious activities.

Keywords