World of Computer Science and Information Technology Journal (WCSIT) ISSN: 2221-0741 Vol. 1, No. 9, 391-396, 2011 391 Study of Effect of Rate on Performance of Cross Layer Based Inrusion Detection for WLAN Ravneet Kaur Department of Computer science & Engineering Beant College of Engineering & Technology, Gurdaspur Punjab, India. Abstract—The advent of wireless LAN is a onelcome sign in terms of ease of deployment and reconfiguration. Hoonever, security is an alarming concern, as everything being transmitted is available in the air. The presernt paper deals with Study of effect of rate on performance of cross layer based inrusion detection for WLAN reflects the significance of cross layer technique in detecting intruder on WLAN. In cross layer based intrusions detection the decision is based on the combine oneight value of two or more layer. So the decision is not based on single layer, it will reduce false positive rate. Two different layers,physical and MAChave been used in trhe present study and the results have been compared with existing techniques. Keywords- Receiver Signal Strength (RSS); Time Taken for RTS-CTS Handshake (TT); Radio Frequency (RF). I. INTRODUCTION While deploying a wireless LAN makes complete buissness sense for an organization care must be paid to properly lock the wirelss network down so that the network traffic, which ooftern contains buissness –critical information from being revealed to or modified by unauthorized people. The wireless LAN infrastructure should be secure and security must be augmented with advanced algorithms. A wireless network is not as secure as compare the wired network because the data is transferred on air so any intruder can use hacking techniques to access that data. Indeed it is difficult to protect the data and provide the user a secure information system for lifetime. An intrusions detection system aim to detect the different attacks against network and system. An intrusion detection system should be capable for detecting the misuse of the network whether it will be by the authenticated user or by an attacker. They detect attempts and active misuse either by legitimate users of the information systems or by external.[1] The aim of intruder is to gain the access of the privileges. Generally this show that intruder want information which is protected. II. INTRUSION DETECTION SYSTEM Inevitably, the best intrusion prevention system will fail. A system's second line of defense is intrusion detection, and this has been the focus of much research in recent years. [2- 7] Types of intrusion detection systems There are two types of intrusion detection system First, Network Based Intrusion Detection system (NIDS) which resides on network. Second, Host Based Intrusion Detection system (HIDS) which resides on host i.e. computer system. [8-11] Network Based intrusion detection system (NIDS) Network based intrusion detection system resides on network. It exists as software process on hardware system. It change the network interface card (NIC) into promiscuous mode, i.e the card passes all traffic on the network to the NIDS software. The software includes the rules which are used to analyze the traffic. It analyzes the incoming packets against these rules to determine the signature of the attacker. Whether this traffic signature is of any attacker or not. If it is of interest then events are generated [1, 3]. The data source to NIDS is raw packets. It utilizes a network adapter which is running in promiscuous mode to monitor and analyze the network. There are four common techniques to identify attack. a) Frequency or threshold crossing. b) Correlation of lesser events. c) Statistical anomaly detection. d) Pattern, expression or byte code matching. NIDS is not limited to read all the incoming packets only. But also learn the valuable information on outgoing