Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

Anomaly Detection and Modeling in 802.11 Wireless Networks

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

IEEE 802.11 Wireless Networks are getting more and more popular at university campuses, enterprises, shopping centers, airports and in so many other public places, providing Internet access to a large crowd openly and quickly. The wireless users are also getting more dependent on WiFi technology and therefore demanding more reliability and higher performance for this vital technology. However, due to unstable radio conditions, faulty equipment, and dynamic user behavior among other reasons, there are always unpredictable performance problems in a wireless covered area. Detection and prediction of such problems is of great significance to network managers if they are to alleviate the connectivity issues of the mobile users and provide a higher quality wireless service. This paper aims to improve the management of the 802.11 wireless networks by characterizing and modeling wireless usage patterns in a set of anomalous scenarios that can occur in such networks. We apply time-invariant (Gaussian Mixture Models) and time-variant (Hidden Markov Models) modeling approaches to a dataset generated from a large production network and describe how we use these models for anomaly detection. We then generate several common anomalies on a Testbed network and evaluate the proposed anomaly detection methodologies in a controlled environment. The experimental results of the Testbed show that HMM outperforms GMM and yields a higher anomaly detection ratio and a lower false alarm rate.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Nicholson, A.J., Chawathe, Y., Chen, M.Y., Noble, B.D., Wetherall, D.: Improved access point selection. In: Proceedings of the 4th International Conference on Mobile Systems, Applications and Services, pp. 233–245. MobiSys ’06. ACM, Uppsala (2006). ISBN: 159593-195-3. https://doi.org/10.1145/1134680.1134705

  2. Heusse, M., Rousseau, F., Berger-Sabbatel, G., Duda, A.: Performance anomaly of 802.11b. In: INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications, vol. 2, pp. 836–843. IEEE Societies (2003). https://doi.org/10.1109/INFCOM.2003.1208921

  3. Dujovne, D., Turletti, T., Filali, F.: A taxonomy of IEEE 802.11 wireless parameters and open source measurement tools. In: Communications Surveys Tutorials, IEEE 12.2, pp. 249–262 (2010). ISSN: 1553-877X. https://doi.org/10.1109/SURV.2010.021110.00020

  4. Adya, A., Bahl, P., Chandra, R., Qiu, L.: Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks. In: Proceedings of the 10th Annual International Conference on Mobile Computing and Networking, pp. 30–44. MobiCom ’04. ACM, Philadelphia, PA (2004). ISBN: 1-58113-868-7. https://doi.org/10.1145/1023720.1023724

  5. Cheng, Y.-C., Bellardo, J., Benkoö, P., Snoeren, A.C., Voelker, G.M., Savage, S.: Jigsaw: solving the puzzle of enterprise 802.11 analysis. In: Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pp. 39–50. SIGCOMM ’06. ACM, Pisa (2006). ISBN: 1-59593-308-5. https://doi.org/10.1145/1159913.1159920

  6. Paul, U., Kashyap, A., Maheshwari, R., Das, S.R.: Passive measurement of interference in WiFi networks with application in misbehavior detection. In: IEEE Transactions on Mobile Computing, vol. 12, no. 3, pp. 434–446 (2013). ISSN: 1536-1233. https://doi.org/10.1109/TMC.2011.259

  7. Allahdadi, A., Morla, R., Aguiar, A., Cardoso, J.S.: Predicting short 802.11 sessions from RADIUS usage data. In: 2013 IEEE 38th Conference on Local Computer Networks Workshops (LCN Workshops), pp. 1–8. IEEE (2013)

  8. Allahdadi, A., Morla, R., Cardoso, J.S.: Outlier detection in 802.11 wireless access points using Hidden Markov Models. In: 2014 7th IFIP on Wireless and Mobile Networking Conference (WMNC), pp. 1–8. IEEE (2014)

  9. Shrivastava, V., Rayanchu, S.K., Banerjee, S., Papagiannaki, K.: PIE in the sky: online passive interference estimation for enterprise WLANs. NSDI 11, 25–25 (2011)

    Google Scholar 

  10. Sheth, A., Doerr, C., Grunwald, D., Han, R., Sicker, D.: MOJO: a distributed physical layer anomaly detection system for 802.11 WLANs. In: Proceedings of the 4th International Conference on Mobile Systems, Applications and Services, pp. 191–204. ACM (2006)

  11. Lakshminarayanan, K., Seshan, S., Steenkiste, P.: Understanding 802.11 performance in heterogeneous environments. In: Proceedings of the 2nd ACM SIGCOMM Workshop on Home Networks, pp. 43–48. ACM (2011)

  12. Mahajan, R., Rodrig, M., Wetherall, D., Zahorjan, J.: Analyzing the MAC-level behavior of wireless networks in the wild. In: ACM SIGCOMM Computer Communication Review, vol. 36, no. 4, pp. 75–86. ACM (2006)

  13. Massa, D., Morla, R.: Modeling 802.11 AP usage through daily keep-alive event counts. Wirel. Netw. 19(5), 1005–1022 (2013)

    Article  Google Scholar 

  14. Massa, D., Morla, R.: Abrupt ending of 802.11 ap connections. In: 2013 IEEE Symposium on Computers and Communications (ISCC), pp. 000348–000353. IEEE (2013)

  15. Khayam, S.A., Radha, H.: Markovbased modeling of wireless local area networks. In: Proceedings of the 6th ACM International Workshop on Modeling Analysis and Simulation of Wireless and Mobile Systems, pp. 100–107. ACM (2003)

  16. Kamthe, A., Carreira-Perpinán, M.A., Cerpa, A.E.: M&M: multi-level Markov model for wireless link simulations. In: Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems, pp. 57–70. ACM (2009)

  17. Bednarczyk, W., Gajewski, P.: Hidden Markov models based channel status prediction for cognitive radio networks. In: Session 4P6 RF and Wireless Communication, p. 2088 (2015)

  18. Akbar, I., Tranter, W.H., et al.: Dynamic spectrum allocation in cognitive radio using hidden Markov models: Poisson distributed case. In: IEEE on SoutheastCon, 2007. Proceedings, pp. 196–201. IEEE (2007)

  19. Ghosh, C., Cordeiro, C., Agrawal, D.P., Bhaskara, M.B.: Markov chain existence and hidden Markov models in spectrum sensing. In: IEEE International Conference on Pervasive Computing and Communications, 2009. PerCom 2009, pp. 1–6. IEEE (2009)

  20. Tumuluru, V.K., Wang, P., Niyato, D.: Channel status prediction for cognitive radio networks. Wirel. Commun. Mob. Comput. 12(10), 862–874 (2012)

    Article  Google Scholar 

  21. Prasad, P.S., Agrawal, P.: Movement prediction in wireless networks using mobility traces. In: 2010 7th IEEE on Consumer Communications and Networking Conference (CCNC), pp. 1–5. IEEE (2010)

  22. The Internet Engineering Task Force (IETF). https://www.ietf.org/. Accessed in Jan 2016

  23. RFC 2865 radius authentication. http://tools.ietf.org/html/rfc2865. Accessed in Jan 2016

  24. RFC 2866 radius authentication. http://tools.ietf.org/html/rfc2866. Accessed in Jan 2016

  25. Reynolds, D.: Gaussian mixture models. In: Encyclopedia of Biometrics, pp. 827–832. Springer (2015)

  26. Rabiner, L., Juang, B.-H.: An introduction to hidden Markov models. IEEE ASSP Mag. 3(1), 4–16 (1986)

    Article  Google Scholar 

  27. Fraley, C., Raftery, A.E.: Model-based clustering, discriminant analysis, and density estimation. J. Am. Stat. Assoc. 97(458), 611–631 (2002)

    Article  MathSciNet  MATH  Google Scholar 

  28. Fraley, C., Raftery, A.E., Murphy, T.B., Scrucca, L.: mclust version 5.1 for R: normal mixture modeling for model-based clustering, classification, and density estimation, vol. 597. Technical report (2015)

  29. Schliep, A., Costa, I.G., Georgi, B., Hafemeister, C., Schonhuth, A., Mahmud, M.P.: GHMM Library. http://ghmm.org. Accessed in Mar 2016

  30. The FreeRADIUS Project. http://freeradius.org/. Accessed in Feb 2016

  31. Wifijammer. https://github.com/DanMcInerney/wifijammer. Accessed in Feb 2016

  32. System Sciences at Isis. http://systems-sciences.uni-graz.at/etextbook/bigdata/confusionmatrix.html. Accessed in April 2016

Download references

Acknowledgements

This work is financed by the ERDF European Regional Development Fund through the Operational Programme for Competitiveness and Internationalisation—COMPETE 2020 Programme within Project POCI-01-0145-FEDER-006961, and by National Funds through the FCT Fundao para a Cincia e a Tecnologia (Portuguese Foundation for Science and Technology) as part of Project UID/EEA/50014/2013. The first author is also sponsored by FCT Grant SFRH/BD/99714/2014.

Author information

Authors and Affiliations

  1. INESC TEC, Faculty of Engineering, University of Porto, Campus da FEUP, Rua Dr. Roberto Frias N8 378, 4200-465, Porto, Portugal

    Anisa Allahdadi & Ricardo Morla

Authors
  1. Anisa Allahdadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ricardo Morla
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anisa Allahdadi.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Allahdadi, A., Morla, R. Anomaly Detection and Modeling in 802.11 Wireless Networks. J Netw Syst Manage 27, 3–38 (2019). https://doi.org/10.1007/s10922-018-9455-2

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10922-018-9455-2

Keywords

Search

Navigation