Vulnerable network analysis using war driving and security intelligence

Abstract

Wireless network is growing explosively not only in the corporate environment, but also at the consumer space. If the network is left open and unsecured, anyone can not only use the network for downloading illegal content, but also such a network can be used as a hacking medium to bring down other networks. Such open networks needs to be protected against such bad people who might take advantage of such an insecure network. Wireless networks can be vulnerable to various types of attacks such as eavesdropping, hacking, and freeloaders if there are no protections present in such wireless networks. IBM QRadar is security information, and event management (SIEM) solution is used by security professionals to protect their networks and themselves. In this paper, we propose a system that uses war driving for collecting access point information and QRadar to analyze vulnerable networks by correlating real-time traffic with the information present within the network. The work undertaken integrates information collected by war driving with IBM QRadar and then used to refine its correlation using the network information from open networks. After detecting vulnerable attacks and users, alerts are sent out to the security operation center.