research-article

WIDS: a sensor-based online mining wireless intrusion detection system

Authors:

C. I. Ezeife,

Maxwell Ejelike,

A. K. AggarwalAuthors Info & Claims

IDEAS '08: Proceedings of the 2008 international symposium on Database engineering & applications

Pages 255 - 261

https://doi.org/10.1145/1451940.1451976

Published: 10 September 2008 Publication History

Get Access

Abstract

This paper proposes WIDS, a wireless intrusion detection system, which applies data mining clustering technique to wireless network data captured through hardware sensors for purposes of real time detection of anomalous behavior in wireless packets. Using hardware sensors to capture network packets enables detection of attacks before they reach access points and ensures all packets transmitted in the networks are analyzed for a more complete attack detection. The proposed mining based technique for wireless network intrusion detection contributes by reducing the need for training data, reducing false positives and increasing the effectiveness of attack detection on networks with few (one to twenty) connections.

The proposed WIDS design approach involves real time pre-processing of sensor data using a density-based, Local Sparsity Coefficient (LSC) outlier detection algorithm to assign anomaly scores to the connection records. Connection records with low anomaly scores are used as initial starting cluster centre positions for building clusters. The algorithm continuously derives minimum deviation as the maximum of distances between all pairs of cluster centre positions. New records which have their distances from the closest cluster more than the minimum deviation, are tagged as anomaly and moved to alert cluster. One major result of this paper is detection of MAC spoofing attacks by tracking sequence numbers, which ensures duplicate or spoofed (stolen) MAC addresses are not used in the network.

References

[1]

M. Agyemang and C. I. Ezeife. Lsc-mine: Algorithm for mining local outliers. In Proceedings o f the 15th Information Resource Management Association (IRMA) International Conference, New Orleans, pages 5--8, May 2004.

Google Scholar

[2]

Y. Bai and H. Kobayashi. Intrusion detection systems: Technology and development. In Proceedings of the 17th International Conference on Advanced Information Networking and Applications (AINA 03), pages 710--715. IEEE Computer Society, March 2003.

Digital Library

Google Scholar

[3]

D. Barbara, J. Couto, S. Jadodia, L. Popyack, and N. Wu. Adam: A testbed for exploring the use of data mining in intrusion detection. ACM SIGMOD RECORD: Special Selection on Data Mining for Intrusion Detection and Threat Analysis, 30(4), 2001.

Digital Library

Google Scholar

[4]

G. Deckerd. ireless attacks from an intrusion detection perspective. http://static.scribd.com/docs/fxfmwewfrgwtb.pdf, 2006.

Google Scholar

[5]

L. Ertoz, E. Eilertson, A. Lazarevic, P. Tan, J. Srivastava, V. Kumar, and P. Dokas. The MINDS - Minnesota Intrusion Detection System in Next Generation Data Mining, chapter 3. MINDs, 2004.

Google Scholar

[6]

A. Lazarevic, L. Ertoz, A. Ozgur, J. Srivastava, and V. Kumar. A comparative study of anomaly detection schemes in network intrusion detection. In Proceedings of the Third SIAM Conference on Data Mining, San Francisco, pages 5--8, May 2004.

Google Scholar

[7]

W. Lee, R. Nimbalkar, K. Yee, S. Patil, P. Desai, T. Tran, and S. Stolfo. A data mining and cidf based approach for detecting novel and distributed intrusions. In Lecture Notes in Computer Science No. 1907., pages 49--65. Springer Verlag, 2000.

Crossref

Google Scholar

[8]

NetworkChemistry. Network chemistry wireless security business. http://www.networkchemistry.com, 2007.

Google Scholar

[9]

O. Sang-Hyun, K. Jin-Suk, B. Yung-Cheol, P. Gyung-Leen, and S.-Y. B. Intrusion detection based on clustering a data stream. In Proceedings of the Third Software Engineering Research, Management and Applications ACIS International Conference, pages 220--227, 2005.

Digital Library

Google Scholar

[10]

Tamosoft. Commview -for wifi. http://www.tamos.com/products/commwifi/, 2005.

Google Scholar

[11]

C. Waters. Wireless attacks: Damage and costs. networkworld.com. http://www.networkworld.com/columnists/2006/061206-wireless-security.html, 2006.

Google Scholar

[12]

S. Zhong, T. Khoshgoftaar, and S. Naeem. Clustering-based network intrusion detection. International Journal of reliability, Quality and safety Engineering, 2(5--6):571--603, 1999.

Google Scholar

Cited By

View all

Chen B(2023)Research on Mine Dust and Fire Detection System Based on Recurrent Neural Network2023 5th International Conference on Robotics, Intelligent Control and Artificial Intelligence (RICAI)10.1109/RICAI60863.2023.10489450(922-925)Online publication date: 1-Dec-2023
https://doi.org/10.1109/RICAI60863.2023.10489450
Al Hayali SRahebi JUcan OBayat O(2019)Increasing Energy Efficiency in Wireless Sensor Networks Using GA-ANFIS to Choose a Cluster Head and Assess Routing and Weighted Trusts to Demodulate Attacker NodesFoundations of Science10.1007/s10699-019-09593-9Online publication date: 1-Mar-2019
https://doi.org/10.1007/s10699-019-09593-9
Ahammed GAli ABanu R(2017)Design & analysis of super agent node to detect malignant nodes through occasion-based conviction representation in wireless sensor networks2017 International Conference on Electrical, Electronics, Communication, Computer, and Optimization Techniques (ICEECCOT)10.1109/ICEECCOT.2017.8284613(1-7)Online publication date: Dec-2017
https://doi.org/10.1109/ICEECCOT.2017.8284613
Show More Cited By

Index Terms

WIDS: a sensor-based online mining wireless intrusion detection system

Recommendations

Wireless intrusion detection based on different clustering approaches
A2CWiC '10: Proceedings of the 1st Amrita ACM-W Celebration on Women in Computing in India

Wireless security is becoming an important area of product research and development. Wireless Intrusion detection Systems are commonly used in WLAN network for detecting wireless attacks. Classifiers are commonly used as detectors in these systems. ...
Utilizing fuzzy logic and neural networks for effective, preventative intrusion detection in a wireless environment
SAICSIT '07: Proceedings of the 2007 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries

The importance of properly securing an organization's information and computing resources has become paramount in modern business. Intrusion detection systems in particular have an increasingly valuable role to play: as networks grow and more ...
Experiences in passively detecting session hijacking attacks in IEEE 802.11 networks
ACSW Frontiers '06: Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54

Current IEEE 802.11 wireless networks are vulnerable to session hijacking attacks as the existing standards fail to address the lack of authentication of management frames and network card addresses, and rely on loosely coupled state machines. Even the ...

Comments

Information & Contributors

Information

Published In

IDEAS '08: Proceedings of the 2008 international symposium on Database engineering & applications

September 2008

289 pages

ISBN:9781605581880

DOI:10.1145/1451940

General Chair:
Bipin C. Desai
Concordia University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 September 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Natural Sciences and Engineering Research Council of Canada

Conference

IDEAS '08

Sponsor:

IDEAS '08: Proceedings of the 12th international symposium on database engineering & applications

September 10 - 12, 2008

Coimbra, Portugal

Acceptance Rates

Overall Acceptance Rate 74 of 210 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
576
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Chen B(2023)Research on Mine Dust and Fire Detection System Based on Recurrent Neural Network2023 5th International Conference on Robotics, Intelligent Control and Artificial Intelligence (RICAI)10.1109/RICAI60863.2023.10489450(922-925)Online publication date: 1-Dec-2023
https://doi.org/10.1109/RICAI60863.2023.10489450
Al Hayali SRahebi JUcan OBayat O(2019)Increasing Energy Efficiency in Wireless Sensor Networks Using GA-ANFIS to Choose a Cluster Head and Assess Routing and Weighted Trusts to Demodulate Attacker NodesFoundations of Science10.1007/s10699-019-09593-9Online publication date: 1-Mar-2019
https://doi.org/10.1007/s10699-019-09593-9
Ahammed GAli ABanu R(2017)Design & analysis of super agent node to detect malignant nodes through occasion-based conviction representation in wireless sensor networks2017 International Conference on Electrical, Electronics, Communication, Computer, and Optimization Techniques (ICEECCOT)10.1109/ICEECCOT.2017.8284613(1-7)Online publication date: Dec-2017
https://doi.org/10.1109/ICEECCOT.2017.8284613
Ali AAhammed GBanu RParameshachari B(2016)Malignant node detection through trust model events in wireless sensor networks2016 International Conference on Electrical, Electronics, Communication, Computer and Optimization Techniques (ICEECCOT)10.1109/ICEECCOT.2016.7955231(285-292)Online publication date: Dec-2016
https://doi.org/10.1109/ICEECCOT.2016.7955231
Moshtaghi MLeckie CKarunasekera SRajasegarar S(2014)An adaptive elliptical anomaly detection model for wireless sensor networksComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2014.02.00464(195-207)Online publication date: 1-May-2014
https://dl.acm.org/doi/10.1016/j.comnet.2014.02.004
Ezeife CRahman MDesai BBernardino J(2010)NeuDetectProceedings of the Fourteenth International Database Engineering & Applications Symposium10.1145/1866480.1866487(38-41)Online publication date: 16-Aug-2010
https://dl.acm.org/doi/10.1145/1866480.1866487

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Wireless intrusion detection based on different clustering approaches

Utilizing fuzzy logic and neural networks for effective, preventative intrusion detection in a wireless environment

Experiences in passively detecting session hijacking attacks in IEEE 802.11 networks

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations