Wireless Anomaly Detection Based on IEEE 802.11 Behavior Analysis

Alipour, H.; Al-Nashif, Youssif; Satam, Pratik; Hariri, Salim

doi:10.1109/tifs.2015.2433898

Cited by 64 publications

(35 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The diversity of anomalies in wireless system makes it impossible to obtain their signatures [11]. Furthermore, IDS for wireless networks have information available only from the physical and the data link layers [12] as the information present in higher layers are often encrypted and therefore not easily accessible. The problem then consists of developing a methodology for effective signal monitoring and processing, while being adaptable enough to accommodate unknown threats in the future.…”

Section: Problem Formulation and Related Workmentioning

confidence: 99%

“…They statistically analyze the signal envelope to create empirical event probabilities and use it with the two measure functions to identify interference instances. Reference [12] proposes a detection scheme to identify anomalous behavior in IEEE 802.11 Wireless LAN by analyzing MAC layer frames. The authors create a normal model using n consecutive state-machine transitions during the normal functioning of the network.…”

Section: Problem Formulation and Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Deep Predictive Coding Neural Network for RF Anomaly Detection in Wireless Networks

Tandiya

Jauhar

Marojevic

et al. 2018

2018 IEEE International Conference on Communications Workshops (ICC Workshops)

View full text Add to dashboard Cite

Intrusion detection has become one of the most critical tasks in a wireless network to prevent service outages that can take long to fix. The sheer variety of anomalous events necessitates adopting cognitive anomaly detection methods instead of the traditional signature-based detection techniques. This paper proposes an anomaly detection methodology for wireless systems that is based on monitoring and analyzing radio frequency (RF) spectrum activities. Our detection technique leverages an existing solution for the video prediction problem, and uses it on image sequences generated from monitoring the wireless spectrum. The deep predictive coding network is trained with images corresponding to the normal behavior of the system, and whenever there is an anomaly, its detection is triggered by the deviation between the actual and predicted behavior. For our analysis, we use the images generated from the time-frequency spectrograms and spectral correlation functions of the received RF signal. We test our technique on a dataset which contains anomalies such as jamming, chirping of transmitters, spectrum hijacking, and node failure, and evaluate its performance using standard classifier metrics: detection ratio, and false alarm rate. Simulation results demonstrate that the proposed methodology effectively detects many unforeseen anomalous events in real time. We discuss the applications, which encompass industrial IoT, autonomous vehicle control and mission-critical communications services.

show abstract

Section: Problem Formulation and Related Workmentioning

confidence: 99%

Section: Problem Formulation and Related Workmentioning

confidence: 99%

Deep Predictive Coding Neural Network for RF Anomaly Detection in Wireless Networks

Tandiya

Jauhar

Marojevic

et al. 2018

2018 IEEE International Conference on Communications Workshops (ICC Workshops)

View full text Add to dashboard Cite

show abstract

“…In encrypted traffic environments, secure sockets layer (SSL), wired equivalent privacy WEP, or Internet protocol security (IPsec) protocols are utilised to offer better privacy and confidentiality. Previous work in detecting web-based attacks mainly focused on investigating the log/payload content [44,45]. In view that the traffic is encrypted, payload (log) is unavailable as the content is indecipherable.…”

Section: Attack On Webmentioning

confidence: 99%

A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

Kamarudin

Maple

Watson

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

The global usage of more sophisticated web-based application systems is obviously growing very rapidly. Major usage includes the storing and transporting of sensitive data over the Internet. The growth has consequently opened up a serious need for more secured network and application security protection devices. Security experts normally equip their databases with a large number of signatures to help in the detection of known web-based threats. In reality, it is almost impossible to keep updating the database with the newly identified web vulnerabilities. As such, new attacks are invisible. This research presents a novel approach of Intrusion Detection System (IDS) in detecting unknown attacks on web servers using the Unified Intrusion Anomaly Detection (UIAD) approach. The unified approach consists of three components (preprocessing, statistical analysis, and classification). Initially, the process starts with the removal of irrelevant and redundant features using a novel hybrid feature selection method. Thereafter, the process continues with the application of a statistical approach to identifying traffic abnormality. We performed Relative Percentage Ratio (RPR) coupled with Euclidean Distance Analysis (EDA) and the Chebyshev Inequality Theorem (CIT) to calculate the normality score and generate a finest threshold. Finally, Logitboost (LB) is employed alongside Random Forest (RF) as a weak classifier, with the aim of minimising the final false alarm rate. The experiment has demonstrated that our approach has successfully identified unknown attacks with greater than a 95% detection rate and less than a 1% false alarm rate for both the DARPA 1999 and the ISCX 2012 datasets.

show abstract

“…Hamid Alipour, et.al (2015) proposed in this paper [10], an anomaly-based intrusion detection system is described for the IEEE 802.11 wireless networks based on behavioral analysis to detect deviations from normal behaviors that are triggered by wireless network attacks. This anomaly behavior analysis of the 802.11 protocols is based on monitoring the nconsecutive transitions of the convention state machine.…”

Section: International Journal Of Computer Applications (0975 -8887) mentioning

confidence: 99%

An Effective Technique to Identify Anomalous Accounts on Social Networks using Bloom Filter

kaur¹,

Kaur²

2017

IJCA

View full text Add to dashboard Cite

The anomaly detection is the technique which is applied to detect malicious activities from the social network data. The existing technique is based on to classify the Facebook accounts into three classes which are fake, genuine and moderate. To increase accuracy of account classification is increased when bloom filter is being applied in the algorithm. The bloom filter is the algorithm which learns from the previous experiences and drive new values. When the bloom filter is applied the accounts are classified into two classes. The simulation is being performed in MATLAB and it is being analyzed that accuracy is increased and execution time is reduced.

show abstract

Wireless Anomaly Detection Based on IEEE 802.11 Behavior Analysis

Cited by 64 publications

References 13 publications

Deep Predictive Coding Neural Network for RF Anomaly Detection in Wireless Networks

Deep Predictive Coding Neural Network for RF Anomaly Detection in Wireless Networks

A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

An Effective Technique to Identify Anomalous Accounts on Social Networks using Bloom Filter

Contact Info

Product

Resources

About