Over the last few decades, the internet has seen unprecedented growth, with over 4.57 billion active users as of July 2022, encompassing 59% of the global population. In recent years, we have seen an increase in mobile computing and the Internet of Things (IoT), allowing more users to communicate through the internet using wireless devices. Modern internet users use their wireless IoT devices for a wide variety of services that include cloud computing and storage, social networking, content services, online banking, shopping, to name a few. Moreover, with the omnipresence of IoT devices, wireless networks are used for services like device control, user authentication, etc. Wi-Fi is the network of choice for most of these wireless communications. Although Wi-Fi networks have improved over recent years, little has been done to secure Wi-Fi networks against attacks. In this paper, we present a Wireless Intrusion Detection System (WIDS); an anomaly behavior analysis approach to detect attacks on Wi-Fi networks with high accuracy and low false alarms. In this approach, we model the normal behavior of the Wi-Fi protocol, using n-grams, and use machine learning models to classify Wi-Fi traffic flows as normal or malicious. We have extensively tested our approach on multiple datasets collected locally at the University of Arizona and AWID family of datasets. Our approach can successfully detect all attacks on Wi-Fi protocols with low false positives (0.0174) and a varying low rate of false negatives for different attacks.
|Original language||English (US)|
|Journal||IEEE Transactions on Network and Service Management|
|State||Accepted/In press - 2020|
- Anomaly Behavior Analysis
- Hidden Markov models
- IEEE 802.11 Standard
- Intrusion detection
- IoT Security
- Machine learning
- Wi-Fi Security.
- Wireless communication
- Wireless fidelity
ASJC Scopus subject areas
- Computer Networks and Communications
- Electrical and Electronic Engineering