A Wireless Intrusion Alerts Clustering Method for Mobile Internet

With the rapid development of the mobile Internet, wireless network security is receiving increasing attention. However, because of the particular characteristics of wireless networks, research on wireless intrusion alert clustering methods for the mobile Internet is still rare. This paper proposes a Wireless Intrusion Alert Clustering Method (WIACM) based on information about the mobile terminal. The method comprises alert formatting, alert reduction and alert classification. By introducing key information about the mobile terminal device, it aggregates the original alerts into hyper alerts. The experimental results show that WIACM is appropriate for real attack scenarios on the mobile Internet, and that it reduces the number of alerts while making alert analysis more accurate.
