nzyme – Free & Open WiFi Defense System – Lennart Koopmann – PSW #690
Nzyme is a new kind of WiFi IDS (WIDS) that detects adversaries by looking at hard-to-spoof characteristics of an attacker. Existing WIDS tend to look at metadata that is extremely easy to spoof, like channels or BSSIDs. The new approach of nzyme looks at hardware fingerprints and physical attributes like signal strengths. For example, it constantly tries to follow the signal "track" of every WiFi access point in range and alerts once a second track appears, because this is most likely someone spoofing the legitimate access point from a different location.
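The signal-track idea described above can be illustrated with a simplified sketch. This is an added example, not nzyme's own code or algorithm: it groups the signal strengths one fixed sensor records per BSSID into tracks and alerts when a BSSID shows more than one. The function names, the 8 dB gap, the 4-frame minimum and the sample frames are all assumptions made for the illustration.

```python
from collections import defaultdict
from statistics import mean

# Constructed sample: (bssid, rssi_dbm) per beacon frame seen by one fixed sensor.
SAMPLE_FRAMES = (
    [("aa:bb:cc:00:00:01", r) for r in (-62, -61, -63, -60, -62, -64, -61, -63)]
    + [("aa:bb:cc:00:00:02", r) for r in (-48, -47, -49, -48, -50, -47)]
    # A second transmitter using the same BSSID from a different location.
    + [("aa:bb:cc:00:00:02", r) for r in (-81, -79, -80, -82, -80)]
    # A single outlier frame, which must not count as a track.
    + [("aa:bb:cc:00:00:01", -85)]
)

def find_tracks(rssi_values, gap_db=8, min_frames=4):
    """Split readings into tracks: runs of sorted values with no gap >= gap_db.
    Clusters with fewer than min_frames frames are treated as noise."""
    clusters, current = [], []
    for rssi in sorted(rssi_values):
        if current and rssi - current[-1] >= gap_db:
            clusters.append(current)
            current = []
        current.append(rssi)
    if current:
        clusters.append(current)
    return [
        {"min": c[0], "max": c[-1], "mean": round(mean(c), 1), "frames": len(c)}
        for c in clusters
        if len(c) >= min_frames
    ]

def detect_multiple_tracks(frames, gap_db=8, min_frames=4):
    """Return {bssid: tracks} for every BSSID with more than one signal track."""
    by_bssid = defaultdict(list)
    for bssid, rssi in frames:
        by_bssid[bssid].append(rssi)
    alerts = {}
    for bssid, values in by_bssid.items():
        tracks = find_tracks(values, gap_db, min_frames)
        if len(tracks) > 1:
            alerts[bssid] = tracks
    return alerts

if __name__ == "__main__":
    for bssid, tracks in detect_multiple_tracks(SAMPLE_FRAMES).items():
        print(f"ALERT {bssid}: {len(tracks)} signal tracks {tracks}")
```

The BSSID value itself plays no part in the decision; only the measured signal strength distribution does, which is why copying the BSSID alone does not avoid the alert.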
Lennart founded Graylog as an Open Source project in 2009 to meet the needs of application developers, DevOps, and IT Ops teams. Since that time, he has led the transformation of Graylog into a robust enterprise application and established the company’s product and technology platform as one of the leading centralized log management solutions.
In his free time, he enjoys amateur boxing and working on his free and open WiFi IDS project nzyme.