nach oben

Wireless Networks

Erschienen in:

23.05.2016

Anomaly based intrusion detection for 802.11 networks with optimal features using SVM classifier

verfasst von: M. Usha, P. Kavitha

Erschienen in: Wireless Networks | Ausgabe 8/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Wireless Fidelity (WiFi) is a widely used wireless technology due to its flexibility and mobility in the presence of vulnerable security features. Several attempts to secure 802.11 standard ends up with the inadequate security mechanisms that are vulnerable to various attacks and intrusions. Thus, integration of external defense mechanism like intrusion detection system (IDS) is inevitable. An anomaly-based IDS employs machine learning algorithms to detect attacks. Selecting the best set of features is central to ensure the performance of the classifier in terms of speed of learning, accuracy, and reliability. This paper proposes a normalized gain based IDS for MAC Intrusions (NMI) to improve the IDS performance significantly. The proposed NMI includes two primary components OFSNP and DCMI. The first component is optimal feature selection using NG and PSO (OFSNP) and the second component is Detecting and Categorizing MAC 802.11 Intrusions (DCMI) using SVM classifier. The OFSNP ranks the features using an independent measure as normalized gain (NG) and selects the optimal set of features using semi-supervised clustering (SSC). The SSC is based on particle swarm optimization (PSO) that uses labeled and unlabeled features simultaneously to find a group of optimal features. Using the optimal set of features, the proposed DCMI utilizes a rapid and straightforward support vector machine (SVM) learning that classifies the attacks under the appropriate classes. Thus, the proposed NMI achieves a better trade-off between detection accuracy and learning time. The experimental results show that the NMI accurately detects and classifies the 802.11 specific intrusions and also, it reduces the false positives and computation complexity by decreasing the number of features.

Vorheriger Artikel Link scheduling for throughput maximization in multihop wireless networks under physical interference

Nächster Artikel Improvement of downlink LTE system performances using nonlinear equalization methods based on SVM and Wiener–Hammerstein

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Sheldon, F. T., Weber, J. M., Yoo, S.-M., & David Pan, W. (2012). The insecurity of wireless networks. IEEE Security and Privacy, 10(4), 54–61. doi:10.1109/MSP.2012.60.CrossRef

Potter, B. (2003). Wireless security’s future. IEEE Security and Privacy, 1(4), 68–72. doi:10.1109/MSECP.2003.1219074.CrossRef

Housley, R., & Arbaugh, W. (2003). Security problems in 802.11 based networks. Communications of the ACM, 46(5), 31–34. doi:10.1145/769800.769822.CrossRef

Lashkari, A. H., Danesh, M. M. S., & Samadi, B. (2009). A survey on wireless security protocols (WEP, WPA & WPA2/802.11 i). In Computer science and information technology 2nd IEEE international conference, pp. 48–52. doi:10.1109/ICCSIT.2009.5234856.

Mathews, M., & Hunt, R. (2007). Evolution of wireless LAN security architecture to IEEE 802.11i (WPA2). In Proceedings of the fourth IASTED Asian conference on communication systems and networks, pp. 292–297.

Kachirski, O., & Guha, R. (2003). Effective intrusion detection using multiple sensors in wireless ad hoc networks. In System sciences, proceedings of the 36th annual Hawaii international conference. doi:10.1109/HICSS.2003.1173873.

Azer, M. A., El-Kassas, S. M., & El-Soudani, M. S. (2005). A survey on anomaly detection methods for ad hoc networks. Ubiquitous Computing and Communication Journal, 2(3), 67–76.

Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., & Vázquez, E. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers and Security, 28(1), 18–28. doi:10.1016/j.cose.2008.08.003.CrossRef

Liu, Y., Tian, D.-X., & Wei, D. (2006). A wireless intrusion detection method based on neural network. In Proceedings of the second IASTED international conference advances in computer science and technology, pp. 207–211.

10.

Khoshgoftaar, T. M., Nath, S. V., Zhong, S., & Seliya, N. (2005). Intrusion detection in wireless networks using clustering techniques with expert analysis. In Process fourth international conference machine learning and applications. doi:10.1109/ICMLA.2005.43.

11.

Zhong, S., Khoshgoftaar, T. M., & Nath, S. V. (2005). A clustering approach to wireless network intrusion detection. In Process 17th IEEE international conference tools with artificial intelligence (ICTAI), p. 196. doi:10.1109/ICTAI.2005.5.

12.

Boukerche, A., Machado, R. B., Juca, K. R. L., Sobral, J. B. M., & Notare, M. S. M. A. (2007). An agent based and biological inspired real-time intrusion detection and security model for computer network operations. Computer Communication, 30(13), 2649–2660. doi:10.1016/j.comcom.2007.03.008.CrossRef

13.

Boukerche, A., Juc, K. R. L., Sobral, J. B., & Notare, M. S. M. A. (2004). An artificial immune based intrusion detection model for computer and telecommunication systems. Parallel Computing, 30(5), 629–646. doi:10.1016/j.parco.2003.12.008.CrossRef

14.

Boukerche, A., & Notare, M. S. M. A. (2002). Behavior-based intrusion detection in mobile phone systems. Journal of Parallel and Distributed Computing, 62(9), 1476–1490. doi:10.1006/jpdc.2002.1857.CrossRefMATH

15.

Amiri, F., Yousefi, M. M. R., Lucas, C., Shakery, A., & Yazdani, N. (2011). Mutual information-based feature selection for intrusion detection systems. Journal of Network and Computer Applications, 34(4), 1184–1199. doi:10.1016/j.jnca.2011.01.002.CrossRef

16.

El-Khatib, K. (2010). Impact of feature reduction on the efficiency of wireless intrusion detection systems. IEEE Transactions on Parallel and Distributed Systems, 21(8), 1143–1149. doi:10.1109/TPDS.2009.142.CrossRef

17.

Schaffernicht, E., & Gross, H.-M. (2011). Weighted mutual information for feature selection. In Artificial neural networks and machine learning–ICANN. Springer, pp. 181–188. doi:10.1007/978-3-642-21738-8_24.

18.

Kasliwal, B., Bhatia, S., Saini, S., & Kumar, C. A. (2014). A hybrid anomaly detection model using G-LDA. In Advance computing conference (IACC) IEEE international, pp. 288–293. doi:10.1109/IAdCC.2014.6779336.

19.

Sindhu, S. S. S., Geetha, S., & Kannan, A. (2012). Decision tree based light weight intrusion detection using a wrapper approach. Expert Systems with Applications, 39(1), 129–141. doi:10.1016/j.eswa.2011.06.013.CrossRef

20.

Stein, G., Chen, B., Wu, A. S., & Hua, K. A. (2005). Decision tree classifier for network intrusion detection with GA-based feature selection. In Proceedings of the 43rd annual Southeast regional conference, Vol. 2, pp. 136–141. doi:10.1145/1167253.1167288.

21.

Sung, A. H., & Mukkamala, S. (2004). The feature selection and intrusion detection problems. In Process ninth Asian computing science conference, pp. 468–482. doi:10.1007/978-3-540-30502-6_34.

22.

Kotsiantis, S. B., Zaharakis, I., & Pintelas, P. (2006). Supervised machine learning: A review of classification techniques. Artificial Intelligence Review, 26(3), 159–190.CrossRef

23.

Entezari-Maleki, R., Rezaei, A., & Minaei-Bidgoli, B. (2009). Comparison of classification methods based on the type of attributes and sample size. Journal of Convergence Information Technology, 4(3), 94–102.CrossRef

24.

Bakar, A. A., Othman, Z. A., Hamdan, A. R., Yusof, R., & Ismail, R. (2008). An agent-based rough classifier for data mining. In Eighth international conference on intelligent systems design and applications IEEE computer society, Vol. 1, pp. 145–151. doi:10.1109/ISDA.2008.29.

25.

Chebrolu, S., Abraham, A., & Thomas, J. P. (2005). Feature deduction and ensemble design of intrusion detection systems. Computers and Security, 24(4), 295–307. doi:10.1016/j.cose.2004.09.008.CrossRef

26.

Li, Z., Li, Y., & Xu, L. (2011). Anomaly intrusion detection method based on k-means clustering algorithm with particle swarm optimization. In Information technology computer engineering and management sciences (ICM) international conference, Vol. 2, pp. 157–161. doi:10.1109/ICM.2011.184.

27.

Teng, S., Du, H., Wu, N., Zhang, W., & Su, J. (2010). A cooperative network intrusion detection based on fuzzy SVMs. Journal of Networks, 5(4), 475–483. doi:10.4304/jnw.5.4.475-483.

28.

Chen, W. H., Hsu, S. H., & Shen, H. P. (2005). Application of SVM and ANN for intrusion detection. Computers and Operations Research, 32(10), 2617–2634. doi:10.1016/j.cor.2004.03.019.CrossRefMATH

29.

Li, K. L., Huang, H. K., Tian, S. F., & Xu, W. (2003). Improving one-class SVM for anomaly detection. International Conference on Machine Learning and Cybernetics, 5, 3077–3081. doi:10.1109/ICMLC.2003.1260106.

30.

Ambwani, T. (2003). Multi class support vector machine implementation to intrusion detection. In Proceedings of the international joint conference on neural networks, Vol. 3, pp. 2300–2305. doi:10.1109/IJCNN.2003.1223770.

31.

Wang, J., Hong, X., Ren, R., & Li, T. (2009). A real-time intrusion detection system based on PSO-SVM. In Proceedings of the international workshop on information security and application, pp. 319–321.

32.

Saxena, H., & Richariya, V. (2014). Intrusion detection in KDD99 dataset using SVM-PSO and feature reduction with information gain. International Journal of Computer Applications, 98(6), 25–29. doi:10.5120/17188-7369.CrossRef

33.

Manekar, V., & Waghmare, K. (2014). Intrusion detection system using support vector machine (SVM) and particle swarm optimization (PSO). International Journal of Advanced Computer Research, 4(3), 808.

34.

Huang, C.-L., & Dun, J.-F. (2008). A distributed PSO–SVM hybrid system with feature selection and parameter optimization. Applied Soft Computing, 8(4), 1381–1391. doi:10.1016/j.asoc.2007.10.007.CrossRef

35.

Kolias, C., Kambourakis, G., Stavrou, A., & Gritzalis, S. (2015). Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset. IEEE Communications Surveys & Tutorials, 18(1), 184–208. doi:10.1109/COMST.2015.2402161.CrossRef

Titel: Anomaly based intrusion detection for 802.11 networks with optimal features using SVM classifier
verfasst von: M. Usha
P. Kavitha
Publikationsdatum: 23.05.2016
Verlag: Springer US
Erschienen in: Wireless Networks / Ausgabe 8/2017
Print ISSN: 1022-0038
Elektronische ISSN: 1572-8196
DOI: https://doi.org/10.1007/s11276-016-1300-5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 8/2017

Multi-channel-based scheduling for overlay inband device-to-device communications

Link scheduling for throughput maximization in multihop wireless networks under physical interference

Capacity of two-layered satellite networks

A coalition formation game based relay selection scheme for cooperative cognitive radio networks

Power control and clustering in heterogeneous cellular networks

Resource management for symmetrical applications over heterogeneous services in IEEE 802.16