ERN: Emerging Researchers National Conference in STEM


Wireless Network Security: Real Time Detection of Threats to Wireless Networks

Undergraduate #180
Discipline: Computer Sciences and Information Management
Subcategory: Computer Science & Information Systems

Blake Bowers - Tennessee State University


Computer networks all over the world are compromised every day. According to the U.S. Computer Emergency Readiness Team (US-CERT), there were 22,156 cyber incidents reported in fiscal year 2012 that involved personally identifiable information. There were also more than 48,000 other types of incidents reported across the federal government that same year. Most computer systems have software installed to help keep them secure, and many of these computers have network connections that are protected by firewalls. These security measures work well but have the weakness of needing frequent updates. The problem is that attackers are one step ahead of the update cycles. Software companies often do not know about a potential problem until their systems are already compromised, and patches can often take more than a week to roll out. If network administrators are not adamant about monitoring patch release cycles and their update configurations, systems will be left vulnerable. Wired network traffic can be easily harvested by a system connected to the network simply by putting it into “promiscuous” or monitor mode. Once a system is in this mode, it can monitor the network traffic of all the other devices connected to the same hub. The 802.11 specification also specifies monitor as one of six modes that wireless cards supporting that specification can operate in. Once these cards are placed in monitor mode, they can “sniff” or capture all of the network packets around them or focus on the traffic of a single access point. Once these network packets are collected, data can be stripped from them and analyzed.

To collect test data, an Alfa Network AWUS036H network adapter is being used to capture both legitimate and malicious packets. Several internet-capable devices will be used to generate legitimate network traffic, including but not limited to a Samsung Galaxy Note 4, a Dell Latitude laptop running Windows 7, a Raspberry Pi running Raspbian, and a Samsung Galaxy Tab 2. All devices generating legitimate traffic will be using the latest updates for their respective systems. Multiple web servers will be set up with the Apache web server software. The victim devices will be virtual machines running Ubuntu Linux and Microsoft Windows. Some security updates will not be installed on these systems so that they can be compromised. The devices will connect to these web servers to simulate legitimate network traffic, and the attacking systems will be using Kali Linux with its included suite of tools to simulate the attackers. Another system will capture the packets being generated. Once a large enough pool of network traffic has been harvested, this data will be analyzed in order to develop the real-time analysis model. The software tools that will be used to analyze this traffic will be Python with the pandas, numpy, and matplotlib libraries. The R language and some of its libraries may also be used. The real-time analysis model will be built using Spark with the Python API. The packets will be analyzed using several commonly known methods for data analysis, including but not limited to clustering, classification, and association. Once the network traffic is captured, it will be saved as a comma-delimited file, then opened and analyzed by the model.
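The capture-to-CSV-to-clustering step described above, as an added example that is not code from the abstract or its author: it reads a comma-delimited packet export, builds one feature vector per source address, and separates the sources with k-means (k=2). The column names, addresses and traffic are constructed assumptions, and the standard library is used here in place of pandas and Spark so the block runs anywhere.

```python
import csv
import io
from collections import defaultdict
from itertools import combinations

def build_sample_csv():
    """Constructed capture export; the column names are assumptions."""
    rows, t = ["time,src,dst,dport,flags,length"], 0.0
    for host in range(2, 6):                        # four ordinary clients
        for i in range(20):
            flags = "S" if i % (host + 3) == 0 else "PA"
            port = 443 if i % 2 else 80
            rows.append(f"{t:.2f},10.0.0.{host},10.0.0.80,{port},{flags},{200 + 10 * i}")
            t += 0.05
    for port in range(1, 41):                       # one source sending bare SYNs to 40 ports
        rows.append(f"{t:.2f},10.0.0.66,10.0.0.80,{port},S,60")
        t += 0.01
    return "\n".join(rows) + "\n"

def features_by_source(csv_text):
    """Per-source vector: (distinct dst ports, SYN-only fraction, mean length)."""
    ports, syn, size, count = defaultdict(set), defaultdict(int), defaultdict(int), defaultdict(int)
    for r in csv.DictReader(io.StringIO(csv_text)):
        s = r["src"]
        ports[s].add(int(r["dport"]))
        syn[s] += r["flags"] == "S"
        size[s] += int(r["length"])
        count[s] += 1
    return {s: (len(ports[s]), syn[s] / count[s], size[s] / count[s]) for s in count}

def minority_cluster(feats, rounds=10):
    """Min-max scale the vectors, run k-means with k=2, return the smaller cluster."""
    names = sorted(feats)
    cols = list(zip(*(feats[n] for n in names)))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    pts = {n: [(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(feats[n], lo, hi)]
           for n in names}
    dist = lambda a, b: sum((x - y) ** 2 for x, y in zip(a, b))
    # Deterministic start: the two sources that are farthest apart.
    a, b = max(combinations(names, 2), key=lambda p: dist(pts[p[0]], pts[p[1]]))
    cents = [pts[a], pts[b]]
    for _ in range(rounds):
        groups = [[], []]
        for n in names:
            groups[dist(pts[n], cents[1]) < dist(pts[n], cents[0])].append(n)
        cents = [[sum(c) / len(g) for c in zip(*(pts[n] for n in g))] if g else cents[i]
                 for i, g in enumerate(groups)]
    return min(groups, key=len)

if __name__ == "__main__":
    feats = features_by_source(build_sample_csv())
    print(feats, minority_cluster(feats))
```

The minority cluster is only a candidate set; labelled captures of legitimate and malicious traffic are still needed to judge whether it is actually hostile.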

Funder Acknowledgement(s): National Science Foundation Research Initiation Award

Faculty Advisor: Sachin Shetty,

This material is based upon work supported by the National Science Foundation (NSF) under Grant No. DUE-1930047. Any opinions, findings, interpretations, conclusions or recommendations expressed in this material are those of its authors and do not represent the views of the AAAS Board of Directors, the Council of AAAS, AAAS’ membership or the National Science Foundation.
