Wireless Anomaly Detection Based on IEEE 802.11 Behavior Analysis

Wireless communication networks are pervading every aspect of our lives due to their fast, easy, and inexpensive deployment. They are becoming ubiquitous and have been widely used to transfer critical information, such as banking accounts, credit cards, e-mails, and social network credentials. The m...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on information forensics and security 2015-10, Vol.10 (10), p.2158-2170
Main Authors: Alipour, Hamid, Al-Nashif, Youssif B., Satam, Pratik, Hariri, Salim
Format: Article
Language:English
Subjects:
Anomaly detection
Communication system security
Detectors
IEEE 802.11 security
IEEE 802.11 Standards
Intrusion detection
Protocol analysis
Protocols
Wireless Network security
Wireless networks
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Wireless communication networks are pervading every aspect of our lives due to their fast, easy, and inexpensive deployment. They are becoming ubiquitous and have been widely used to transfer critical information, such as banking accounts, credit cards, e-mails, and social network credentials. The more pervasive the wireless technology is going to be, the more important its security issue will be. Whereas the current security protocols for wireless networks have addressed the privacy and confidentiality issues, there are unaddressed vulnerabilities threatening their availability and integrity (e.g., denial of service, session hijacking, and MAC address spoofing attacks). In this paper, we describe an anomaly based intrusion detection system for the IEEE 802.11 wireless networks based on behavioral analysis to detect deviations from normal behaviors that are triggered by wireless network attacks. Our anomaly behavior analysis of the 802.11 protocols is based on monitoring the n-consecutive transitions of the protocol state machine. We apply sequential machine learning techniques to model the n-transition patterns in the protocol and characterize the probabilities of these transitions being normal. We have implemented several experiments to evaluate our system performance. By cross validating the system over two different wireless channels, we have achieved a low false alarm rate (
ISSN:1556-6013
1556-6021
DOI:10.1109/TIFS.2015.2433898