A Basic Probability Assignment Methodology for Unsupervised Wireless Intrusion Detection

The broadcast nature of wireless local area networks has made them prone to several types of wireless injection attacks, such as Man-in-the-Middle (MitM) at the physical layer, deauthentication, and rogue access point attacks. The implementation of novel intrusion detection systems (IDSs) is fundame...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 6; pp. 40008 - 40023
Main Authors Ghafir, Ibrahim, Kyriakopoulos, Konstantinos G., Aparicio-Navarro, Francisco J., Lambotharan, Sangarapillai, Assadhan, Basil, Binsalleeh, Hamad
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.01.2018
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Basic probability assignment
Communication system security
data fusion
Data integration
Dempster-Shafer theory
Intrusion detection
intrusion detection system
Intrusion detection systems
Local area networks
local reachability density
Measurement
Methodology
network security
Normal distribution
Probability density function
Probability density functions
Wireless communication
Wireless fidelity
wireless injection attacks
Wireless networks
Online AccessGet full text

Cover

More Information
Summary:The broadcast nature of wireless local area networks has made them prone to several types of wireless injection attacks, such as Man-in-the-Middle (MitM) at the physical layer, deauthentication, and rogue access point attacks. The implementation of novel intrusion detection systems (IDSs) is fundamental to provide stronger protection against these wireless injection attacks. Since most attacks manifest themselves through different metrics, current IDSs should leverage a cross-layer approach to help toward improving the detection accuracy. The data fusion technique based on the Dempster-Shafer (D-S) theory has been proven to be an efficient technique to implement the cross-layer metric approach. However, the dynamic generation of the basic probability assignment (BPA) values used by D-S is still an open research problem. In this paper, we propose a novel unsupervised methodology to dynamically generate the BPA values, based on both the Gaussian and exponential probability density functions, the categorical probability mass function, and the local reachability density. Then, D-S is used to fuse the BPA values to classify whether the Wi-Fi frame is normal (i.e., non-malicious) or malicious. The proposed methodology provides 100% true positive rate (TPR) and 4.23% false positive rate (FPR) for the MitM attack and 100% TPR and 2.44% FPR for the deauthentication attack, which confirm the efficiency of the dynamic BPA generation methodology.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2018.2855078