WIDS: An Anomaly Based Intrusion Detection System for Wi-Fi (IEEE 802.11) Protocol

Pratik Satam, Salim Hariri

Research output: Contribution to journal, Article, peer-review

2 Scopus citations

Abstract

Over the last few decades, the Internet has seen unprecedented growth, with over 4.57 billion active users as of July 2022, encompassing 59% of the global population. In recent years, we have seen an increase in mobile computing and the Internet of Things (IoT), allowing more users to communicate through the Internet using wireless devices. Modern Internet users use their wireless IoT devices for a wide variety of services that include cloud computing and storage, social networking, content services, online banking, and shopping, to name a few. Moreover, with the omnipresence of IoT devices, wireless networks are used for services like device control, user authentication, etc. Wi-Fi is the network of choice for most of these wireless communications. Although Wi-Fi networks have improved over recent years, little has been done to secure Wi-Fi networks against attacks. In this article, we present a Wireless Intrusion Detection System (WIDS), an anomaly behavior analysis approach to detect attacks on Wi-Fi networks with high accuracy and low false alarms. In this approach, we model the normal behavior of the Wi-Fi protocol using n-grams, and use machine learning models to classify Wi-Fi traffic flows as normal or malicious. We have extensively tested our approach on multiple datasets collected locally at the University of Arizona and on the AWID family of datasets. Our approach can successfully detect all attacks on Wi-Fi protocols with low false positives (0.0174) and a varying low rate of false negatives for different attacks.

Original language: English (US)
Article number: 9249426
Pages (from-to): 1077-1091
Number of pages: 15
Journal: IEEE Transactions on Network and Service Management
Volume: 18
Issue number: 1
State: Published - Mar 2021

Keywords

  • Anomaly behavior analysis
  • IoT security
  • Wi-Fi security
  • machine learning

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
