The goal of this thesis was to develop, deploy and evaluate a lightweight portable intrusion detection system (LPIDS) over wireless networks. The LPIDS was developed by adopting two different string matching algorithms: Aho-Corasick algorithm and Knuth–Morris–Pratt algorithm (KMP). The LPIDS was implemented and tested on the hardware platforms Wi-Fi Pineapple and Raspberry Pi. To evaluate and test the LPIDS as well as the algorithms, performance metrics such as throughput, response time and power consumption are considered. The experimental results reveal that Aho-Corasick performed better than KMP throughout the majority of the process, but KMP was typically faster in the beginning with fewer rules. Similarly, Raspberry Pi shows remarkably higher performance than Wi-Fi Pineapple in all of the measurements. Moreover, we compared the throughput between LPIDS and Snort. It was concluded that the throughput was significantly higher for LPIDS when most of the rules do not include content parameters. This thesis concludes that due to computational complexity and slow hardware processing capabilities of Wi-Fi Pineapple, it could not become suitable IDS in the presence of different pattern matching strategies. Finally, we propose a modification of Snort to increase the throughput of the system.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-157481 |
| Date | January 2019 |
| Creators | Nykvist, Carl, Larsson, Martin |
| Publisher | Linköpings universitet, Databas och informationsteknik, Linköpings universitet, Databas och informationsteknik |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0023 seconds