SWAN: a secure wireless LAN architecture

Abstract

Existing wireless LAN (WLAN) security schemes are few and product specific. While there exist some schemes for information integrity related problems, there are few standard solutions for quality of service and network health maintenance related problems in wireless networks. In this paper we propose an architecture model for secure WLAN that is generic in its design, so that it can easily be incorporated into existing systems at low cost, thus making it feasible and easy to implement. Our secure wireless LAN (SWAN) architecture first describes an admission control mechanism and deals with intrusion detection, malicious behavior detection, and maintaining quality of service and network health. We then introduce a novel infrastructure for an ad-hoc migration scheme (IAMS) to deal with denial of service (DOS) attacks on WLAN, and describe a unique traffic distribution protocol (TDP) for routing traffic when an access point is under attack, thus ensuring network survivability in the case of a DOS attack. We simulate the IAMS and the TDP using the network simulator GloMoSim.