Abstract. In Wireless Local Area Networks (WLAN), beacon, probe request and response messages are unprotected, so the information is visible to sniffers. Probe requests can be sent by anyone with a legitimate Media Access Control (MAC) address, as association to the network is not required at this stage. Legitimate MAC addresses can be easily spoofed to bypass Access Point (AP) access lists. Attackers take advantage of these vulnerabilities and send a flood of probe request frames which can lead to a Denial-of-Service (DoS) to legitimate stations. This paper discusses an intelligent approach to recognise probe request attacks in WLANs. The research investigates and analyses WLAN traffic captured on a home wireless network, and uses supervised feedforward neural network with 4 input neurons, 2 hidden layers and an output neuron to determine the results. The computer simulation results demonstrate that this approach improves detection of MAC spoofing and probe request attacks considerably.
The Media Access Control (MAC) layer of the wireless protocol, Institute of Electrical and Electronics Engineers (IEEE) 802.11, is based on the exchange of request and response messages. Probe Request Flooding Attacks (PRFA) are devised based on this design flaw to reduce network performance or prevent legitimate users from accessing network resources. The vulnerability is amplified due to clear beacon, probe request and probe response frames. The research is to detect PRFA of Wireless Local Area Networks (WLAN) using a Supervised Feedforward Neural Network (NN). The NN converged outstandingly with train, valid, test sample percentages 70, 15, 15 and hidden neurons 20. The effectiveness of an Intruder Detection System depends on its prediction accuracy. This paper presents optimisation of the NN using Genetic Algorithms (GA). GAs sought to maximise the performance of the model based on Linear Regression (R) and generated R > 0.95. Novelty of this research lies in the fact that the NN accepts user and attacker training data captured separately. Hence, security administrators do not have to perform the painstaking task of manually identifying individual frames for labelling prior training. The GA provides a reliable NN model and recognises the behaviour of the NN for diverse configurations.
Deepthi Ratnayake MBCS, Senior Lecturer in Computer Science (Cyber Security & Networks) at the University of Hertfordshire, discusses the impact of the SolarWinds hack.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.