Wireless Anomaly Detection Based on IEEE 802.11 Behavior Analysis

Hamid Alipour, Youssif B. Al-Nashif, Pratik Satam, Salim A Hariri

Research output: Contribution to journalArticle

33 Scopus citations

Abstract

Wireless communication networks are pervading every aspect of our lives due to their fast, easy, and inexpensive deployment. They are becoming ubiquitous and have been widely used to transfer critical information, such as banking accounts, credit cards, e-mails, and social network credentials. The more pervasive the wireless technology is going to be, the more important its security issue will be. Whereas the current security protocols for wireless networks have addressed the privacy and confidentiality issues, there are unaddressed vulnerabilities threatening their availability and integrity (e.g., denial of service, session hijacking, and MAC address spoofing attacks). In this paper, we describe an anomaly based intrusion detection system for the IEEE 802.11 wireless networks based on behavioral analysis to detect deviations from normal behaviors that are triggered by wireless network attacks. Our anomaly behavior analysis of the 802.11 protocols is based on monitoring the n-consecutive transitions of the protocol state machine. We apply sequential machine learning techniques to model the n-transition patterns in the protocol and characterize the probabilities of these transitions being normal. We have implemented several experiments to evaluate our system performance. By cross validating the system over two different wireless channels, we have achieved a low false alarm rate (<0.1%). We have also evaluated our approach against an attack library of known wireless attacks and has achieved more than 99% detection rate.

Original languageEnglish (US)
Article number7109166
Pages (from-to)2158-2170
Number of pages13
JournalIEEE Transactions on Information Forensics and Security
Volume10
Issue number10
DOIs
StatePublished - Oct 1 2015

Keywords

  • Anomaly detection
  • IEEE 802.11 security
  • Intrusion detection
  • Protocol analysis
  • Wireless Network security
  • Wireless networks

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Wireless Anomaly Detection Based on IEEE 802.11 Behavior Analysis'. Together they form a unique fingerprint.

  • Cite this