Manual and Automatic assigned thresholds in multi-layer data fusion intrusion detection system for 802.11 attacks

Abuse attacks on wireless networks are becoming increasingly sophisticated. Most of the recent research on intrusion detection systems for wireless attacks either focuses on just one layer of observation or uses a limited number of metrics without proper data fusion techniques. However, the true status of a network is rarely accurately detectable by examining only one network layer. The goal of this study is to detect injection types of attacks in wireless networks by fusing multi-metrics using the Dempster–Shafer (D–S) belief theory. When combining beliefs, an important step to consider is the automatic and self-adaptive process of basic probability assignment (BPA). This study presents a comparison between manual and automatic BPA methods using the D–S technique. Custom tailoring BPAs in an optimum manner under specific network conditions could be extremely time consuming and difficult. In contrast, automatic methods have the advantage of not requiring any prior training or calibration from an administrator. The results show that multi-layer techniques perform more efficiently when compared with conventional methods. In addition, the automatic assignment of beliefs makes the use of such a system easier to deploy while providing a similar performance to that of a manual system.

[1]  Geethapriya Thamilarasu,et al.  A Cross-layer Approach to Detect Jamming Attacks in Wireless Ad hoc Networks , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.

[2]  Xia Wang,et al.  Cross-Layer Based Anomaly Detection in Wireless Mesh Networks , 2009, 2009 Ninth Annual International Symposium on Applications and the Internet.

[3]  Bülent Tavli,et al.  Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks , 2009, Comput. Stand. Interfaces.

[4]  Guanlin Chen,et al.  An Intelligent WLAN Intrusion Prevention System Based on Signature Detection and Plan Recognition , 2010, 2010 Second International Conference on Future Networks.

[5]  Basil S. Maglaris,et al.  Towards multisensor data fusion for DoS detection , 2004, SAC '04.

[6]  Konstantinos G. Kyriakopoulos,et al.  An on-line wireless attack detection system using multi-layer data fusion , 2011, 2011 IEEE International Workshop on Measurements and Networking Proceedings (M&N).

[7]  Symeon Papavassiliou,et al.  Data fusion algorithms for network anomaly detection: classification and evaluation , 2007, International Conference on Networking and Services (ICNS '07).

[8]  N. Balakrishnan,et al.  Improvement in minority attack detection with skewness in network traffic , 2008, SPIE Defense + Commercial Sensing.

[9]  Uwe Aickelin,et al.  Anomaly Detection Using the Dempster-Shafer Method , 2006, DMIN.

[10]  Chiu-Ching Tuan,et al.  Fault Tolerance by Quartile Method in Wireless Sensor and Actor Networks , 2010, 2010 International Conference on Complex, Intelligent and Software Intensive Systems.

[11]  J. Robert Boston A signal detection system based on Dempster-Shafer theory and comparison to fuzzy detection , 2000, IEEE Trans. Syst. Man Cybern. Part C.

[12]  Alistair Munro,et al.  Performance comparison of cooperative and non-cooperative relaying mechanisms in wireless networks , 2006, IEEE Wireless Communications and Networking Conference, 2006. WCNC 2006..

[13]  Deborah A. Frincke,et al.  Alert confidence fusion in intrusion detection systems with extended Dempster-Shafer theory , 2005, ACM-SE 43.

[14]  Alexandros G. Fragkiadakis,et al.  Effective and robust detection of jamming attacks , 2010, 2010 Future Network & Mobile Summit.

[15]  Konstantinos G. Kyriakopoulos,et al.  A multi-layer data fusion system for Wi-Fi attack detection using automatic belief assignment , 2012, World Congress on Internet Security (WorldCIS-2012).

[16]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[17]  S. Ahmad,et al.  An Experimental Evaluation of Over-The-Air (OTA) Wireless Intrusion Prevention Techniques , 2007, 2007 2nd International Conference on Communication Systems Software and Middleware.

[18]  Rupinder S. Gill,et al.  Intrusion detection techniques in wireless local area networks , 2009 .