Deep Abstraction and Weighted Feature Selection for Wi-Fi Impersonation Detection

The recent advances in mobile technologies have resulted in Internet of Things (IoT)-enabled devices becoming more pervasive and integrated into our daily lives. The security challenges that need to be overcome mainly stem from the open nature of a wireless medium, such as a Wi-Fi network. An impersonation attack is an attack in which an adversary is disguised as a legitimate party in a system or communications protocol. The connected devices are pervasive, generating high-dimensional data on a large scale, which complicates simultaneous detections. Feature learning, however, can circumvent the potential problems that could be caused by the large-volume nature of network data. This paper thus proposes a novel deep-feature extraction and selection (D-FES), which combines stacked feature extraction and weighted feature selection. The stacked autoencoding is capable of providing representations that are more meaningful by reconstructing the relevant information from its raw inputs. We then combine this with modified weighted feature selection inspired by an existing shallow-structured machine learner. We finally demonstrate the ability of the condensed set of features to reduce the bias of a machine learner model as well as the computational complexity. Our experimental results on a well-referenced Wi-Fi network benchmark data set, namely, the Aegean Wi-Fi Intrusion data set, prove the usefulness and the utility of the proposed D-FES by achieving a detection accuracy of 99.918% and a false alarm rate of 0.012%, which is the most accurate detection of impersonation attacks reported in the literature.

[1]  Xiangliang Zhang,et al.  Exploring Permission-Induced Risk in Android Applications for Malicious Application Detection , 2014, IEEE Transactions on Information Forensics and Security.

[2]  Hiroshi Motoda,et al.  Feature Selection Extraction and Construction , 2002 .

[3]  Kwangjo Kim,et al.  Detecting Impersonation Attack in WiFi Networks Using Deep Learning Approach , 2016, WISA.

[4]  Zhong Ming,et al.  An improved NSGA-III algorithm for feature selection used in intrusion detection , 2017, Knowl. Based Syst..

[5]  Svein J. Knapskog,et al.  Attribute Normalization in Network Intrusion Detection , 2009, 2009 10th International Symposium on Pervasive Systems, Algorithms, and Networks.

[6]  N. Balakrishnan,et al.  Improvement in Intrusion Detection With Advances in Sensor Fusion , 2009, IEEE Transactions on Information Forensics and Security.

[7]  Georgios Kambourakis,et al.  TermID: a distributed swarm intelligence-based approach for wireless intrusion detection , 2017, International Journal of Information Security.

[8]  Panos Louvieris,et al.  Effects-based feature identification for network intrusion detection , 2013, Neurocomputing.

[9]  Simon J. Doran,et al.  Stacked Autoencoders for Unsupervised Feature Learning and Multiple Organ Detection in a Pilot Study Using 4D Patient Data , 2013, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[10]  Caixia Zhang,et al.  The Learning Effect of Different Hidden Layers Stacked Autoencoder , 2016, 2016 8th International Conference on Intelligent Human-Machine Systems and Cybernetics (IHMSC).

[11]  P. Kavitha,et al.  Anomaly based intrusion detection for 802.11 networks with optimal features using SVM classifier , 2016, Wirel. Networks.

[12]  Kwangjo Kim,et al.  Weighted Feature Selection Techniques for Detecting Impersonation Attack in Wi-Fi Networks , 2016 .

[13]  Kwangjo Kim,et al.  Design of an Intrusion Detection System for Unknown-attacks based on Bio-inspired Algorithms , 2015 .

[14]  Yoshua Bengio,et al.  Greedy Layer-Wise Training of Deep Networks , 2006, NIPS.

[15]  Helmi Zulhaidi Mohd Shafri,et al.  A comparison of support vector machine and decision tree classifications using satellite data of Langkawi Island , 2009 .

[16]  Lloyd A. Smith,et al.  Practical feature subset selection for machine learning , 1998 .

[17]  Yoshua Bengio,et al.  Scaling learning algorithms towards AI , 2007 .

[18]  Patrick D. Schloss,et al.  Assessing and Improving Methods Used in Operational Taxonomic Unit-Based Approaches for 16S rRNA Gene Sequence Analysis , 2011, Applied and Environmental Microbiology.

[19]  Georgios Kambourakis,et al.  Intrusion Detection in 802.11 Networks: Empirical Evaluation of Threats and a Public Dataset , 2016, IEEE Communications Surveys & Tutorials.

[20]  Malcolm I. Heywood,et al.  Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 , 2005, PST.

[21]  Ing-Ray Chen,et al.  Behavior Rule Specification-Based Intrusion Detection for Safety Critical Medical Cyber Physical Systems , 2015, IEEE Transactions on Dependable and Secure Computing.

[22]  Fakhri Karray,et al.  Lightweight IDS Based on Features Selection and IDS Classification Scheme , 2009, 2009 International Conference on Computational Science and Engineering.

[23]  Salvatore J. Stolfo,et al.  A Geometric Framework for Unsupervised Anomaly Detection , 2002, Applications of Data Mining in Computer Security.

[24]  Michel Barbeau,et al.  Detecting Impersonation Attacks in Future Wireless and Mobile Networks , 2005, MADNES.

[25]  H. Guterman,et al.  Knowledge extraction from artificial neural network models , 1997, 1997 IEEE International Conference on Systems, Man, and Cybernetics. Computational Cybernetics and Simulation.

[26]  Jason Weston,et al.  Gene Selection for Cancer Classification using Support Vector Machines , 2002, Machine Learning.

[27]  Raheem A. Beyah,et al.  Rogue access point detection using temporal traffic characteristics , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[28]  Shadi Aljawarneh,et al.  Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model , 2017, J. Comput. Sci..

[29]  Vineet Richariya,et al.  Intrusion Detection in KDD99 Dataset using SVM-PSO and Feature Reduction with Information Gain , 2014 .

[30]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[31]  Jeffrey M. Voas,et al.  Learning Internet-of-Things Security "Hands-On" , 2016, IEEE Security & Privacy.

[32]  Kwangjo Kim,et al.  Another Fuzzy Anomaly Detection System Based on Ant Clustering Algorithm , 2017, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[33]  Farrukh Aslam Khan,et al.  Intrusion Detection Systems for Wireless Sensor Networks: A Survey , 2009, FGIT-FGCN.

[34]  Raúl Rojas,et al.  The Backpropagation Algorithm , 1996 .

[35]  Stan Szpakowicz,et al.  Beyond Accuracy, F-Score and ROC: A Family of Discriminant Measures for Performance Evaluation , 2006, Australian Conference on Artificial Intelligence.

[36]  Christian Haas,et al.  Anomaly Detection in Industrial Networks using Machine Learning: A Roadmap , 2016, ML4CPS.

[37]  Martin Fodslette Meiller A Scaled Conjugate Gradient Algorithm for Fast Supervised Learning , 1993 .

[38]  Atilla Özgür,et al.  A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015 , 2016, PeerJ Prepr..

[39]  D. Gunopulos,et al.  Scaling up the Naive Bayesian Classifier : Using Decision Trees for Feature Selection , 2002 .

[40]  Foster Provost,et al.  The effect of class distribution on classifier learning: an empirical study , 2001 .

[41]  Krishna P. Gummadi,et al.  The Doppelgänger Bot Attack: Exploring Identity Impersonation in Online Social Networks , 2015, Internet Measurement Conference.

[42]  Georgios Kambourakis,et al.  Swarm intelligence in intrusion detection: A survey , 2011, Comput. Secur..

[43]  Srdjan Capkun,et al.  Mobile Application Impersonation Detection Using Dynamic User Interface Extraction , 2016, ESORICS.

[44]  Kalyani Waghmare,et al.  Intrusion Detection System using Support Vector Machine (SVM) and Particle Swarm Optimization (PSO) , 2014 .

[45]  Akshai Aggarwal,et al.  Enhancing Performance of Intrusion Detection System Against KDD99 Dataset Using Evidence Theory , 2016 .

[46]  David J. Field,et al.  Sparse coding with an overcomplete basis set: A strategy employed by V1? , 1997, Vision Research.

[47]  Ron Kohavi,et al.  Wrappers for Feature Subset Selection , 1997, Artif. Intell..

[48]  Erik Schaffernicht,et al.  Weighted Mutual Information for Feature Selection , 2011, ICANN.

[49]  Jing Zhang,et al.  A Hybrid Feature Selection Approach by Correlation-Based Filters and SVM-RFE , 2014, 2014 22nd International Conference on Pattern Recognition.

[50]  Vern Paxson,et al.  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection , 2010, 2010 IEEE Symposium on Security and Privacy.

[51]  Li Yong Gui,et al.  Identification and prevention of impersonation attack based on a new flag byte , 2015, 2015 4th International Conference on Computer Science and Network Technology (ICCSNT).

[52]  Mansour Sheikhan,et al.  Modification of supervised OPF-based intrusion detection systems using unsupervised learning and social network concept , 2017, Pattern Recognit..

[53]  Alexandros G. Fragkiadakis,et al.  Anomaly-based intrusion detection of jamming attacks, local versus collaborative detection , 2015, Wirel. Commun. Mob. Comput..

[54]  Shubha Puthran,et al.  Intrusion Detection Using Improved Decision Tree Algorithm with Binary and Quad Split , 2016, SSCC.

[55]  Kwangjo Kim,et al.  Semi-supervised Botnet Detection Using Ant Colony Clustering , 2014, SCIS 2014.

[56]  Kwangjo Kim,et al.  Data Randomization and Cluster-Based Partitioning for Botnet Intrusion Detection , 2016, IEEE Transactions on Cybernetics.

[57]  Hüseyin Arslan,et al.  Impersonation attack identification for secure communication , 2013, 2013 IEEE Globecom Workshops (GC Wkshps).

[58]  Ravi Sankar,et al.  A Survey of Intrusion Detection Systems in Wireless Sensor Networks , 2014, IEEE Communications Surveys & Tutorials.

[59]  R. Yuste,et al.  Comparison Between Supervised and Unsupervised Classifications of Neuronal Cell Types: A Case Study , 2010, Developmental neurobiology.

[60]  Roland L. Dunbrack,et al.  The Role of Balanced Training and Testing Data Sets for Binary Classifiers in Bioinformatics , 2013, PloS one.

[61]  Gary Anthes,et al.  Deep learning comes of age , 2013, CACM.

[62]  Yen-Wei Chen,et al.  Feature Selection Using Recursive Feature Elimination for Handwritten Digit Recognition , 2009, 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[63]  Taoka Hidekazu,et al.  Scenarios for 5G mobile and wireless communications: the vision of the METIS project , 2014, IEEE Communications Magazine.

[64]  Francesco Palmieri,et al.  A distributed approach to network anomaly detection based on independent component analysis , 2014, Concurr. Comput. Pract. Exp..

[65]  R. Karthikeyan,et al.  Detection and Prevention of Impersonation Attack in Wireless networks , 2014 .

[66]  Gürsel Serpen,et al.  Application of Machine Learning Algorithms to KDD Intrusion Detection Dataset within Misuse Detection Context , 2003, MLMTA.

[67]  Donald K. Wedding,et al.  Discovering Knowledge in Data, an Introduction to Data Mining , 2005, Inf. Process. Manag..

[68]  Zahir Tari,et al.  Dimensionality Reduction for Intrusion Detection Systems in Multi-data Streams—A Review and Proposal of Unsupervised Feature Selection Scheme , 2017 .

[69]  Eleazar Eskin,et al.  A GEOMETRIC FRAMEWORK FOR UNSUPERVISED ANOMALY DETECTION: DETECTING INTRUSIONS IN UNLABELED DATA , 2002 .