SBIR-STTR Award

Wireless LAN technology provides freedom and flexibility to the Local Area Network. The current standards based (IEEE 802.11) wireless LAN equipment is intended to provide reliable coverage over a limited range of approximately 100m. However, the wireless LAN transmissions may be detected and exploited at much greater ranges, and can provide an intruder with the opportunity to attack the network from a remote site, outside the secured facility. Existing Network Intrusion Detection Systems (NIDS) can provide tools for determining if a network attack is occurring, but they do not provide the system administrator with information about the attackers location. By exploiting in-depth knowledge of the 802.11 Rake Receiver and wireless channel models, it is possible to characterize wireless clients that are beyond the range of intended coverage. Anntron proposes to evaluate existing NIDSs for military environments. Using in-depth knowledge of 802.11 Rake Receiver and channel models, Anntron will create simulations of range estimation using standard 802.11 access point attributes. Anntron will then develop an Intelligent Agent to provide the system administrator with early, spatial information regarding the attack. Anntron will also evaluate using its' own patent pending wireless LAN multi-beam antenna technology to provide additional location information. Modeling and simulations will provide a means of predicting intruder range based on access point attributes. A multi-beam antenna provides the sensitivity to engage attackers at range, and provides azimuth location information. An Intelligent Agent will combine NIDS, range, and azimuth information to the system administrator for early, spatial intrusion information. The products will have both military and commercial appeal for improving enterprise wireless LAN security

Wireless technology provides freedom and flexibility to the users of the Local Area Network (LAN). The standards based (IEEE 802.11) wireless LAN equipment is intended to provide reliable coverage over a limited range of approximately 100 m. However, the wireless LAN transmissions may be detected and exploited at much greater ranges, and can provide an intruder the opportunity to attack or disable the network from a remote site, outside the presumably secured facility. Enhanced standards based authentication and encryption methods will reduce the threat that an intruder will be able to access network resources. But given the resources, and time, to discretely monitor and probe the presumably secured wireless network, the intruder can ultimately compromise the network. Anntron proposes to demonstrate best of class Network Intrusion Detection software on a small field-able sensor with directive antenna called the Wireless Intrusion Detection and Location System (WIDLS). WIDLS can be placed wherever the probability is best for detecting all intruders. WIDLS uses a multi-beam antenna to add sensitivity and directionality to intruder detections. Two sensors can estimate the location of the intruder. A smart antenna algorithm can improve bearing and location estimations. A graphical web interface provides intrusion metrics and recommended responses.

Keywords:
WIRELESS LAN, INTRUSION DETECTION, DIRECTIVE ANTENNA, IEEE 802.11B, WAR DRIVING, NETWORK ATTACKS, MACHINERY MONITORING