Abstract
With the advancement of technology, the use of wireless media and devices are increasing every day. In particular, the use of wireless local area networks (WLAN) has increased rapidly in recent years and is expected to increase further. The current state of wireless local area network technologies makes the network vulnerable to attacks ranging from passive listening to active intervention. Intrusion detection systems (IDSs) are being developed against these kinds of attacks. The IDSs play an important role in WLAN security by detecting and preventing malicious activities. However, most techniques used in IDSs cannot cope with dynamic and complex attacks. The aim of this study is to reduce the deficiencies in present IDSs for WLANs and build a more effective system which can detect unknown and complex attack variants dynamically. In this context, a methodology has been proposed. The proposed methodology basically has two contributions. The first contribution is the Feature Selection Approach (FSAP) to increase the speed of attack detection by reducing the number of used features. The second contribution is the hybrid attack detection technique, SABADT (Signature and Anomaly Based Attack Detection Technique), which detects attacks fast and with high accuracy. The proposed methodology is implemented on the KDD’99 and UNSW-NB15 datasets. The obtained results are compared with existing machine learning techniques. The detection model is created by using KDD’99, UNSW-NB15 training dataset and tested on the KDD’99 and UNSW-NB15 training dataset. The obtained 99.65% and 99.17% accuracy rates are quite high when compared to leading methods in the literature. In addition, common attack tools were used to obtain a mix of normal activities and current attack behaviors in order to test on novel attacks within the scope of the study. These different types of attacks were captured with the Wireshark tool. Some of the captured attacks were used only in the testing phase. Here, the attacks were detected with an accuracy rate of 99.69%.
Highlights
With the advancement of technology, cables have left most of our lives and have been replaced by wireless devices and technologies [1]
Intrusion Detection Systems are widely used in detection of both unknown and known attacks carried out by both external and internal attackers in wireless networks
Host based intrusion detection system for DoS It is confident and efficient, as it applied to distributed attack
Summary
With the advancement of technology, cables have left most of our lives and have been replaced by wireless devices and technologies [1]. The popularity and rapid development of wireless technology has made our daily life easier, but it has brought more security problems [4,5]. For these reasons, interest in network intrusion detection systems (NIDSs) has increased among researchers [6,7]. Intrusion Detection Systems are widely used in detection of both unknown and known attacks carried out by both external and internal attackers in wireless networks. Security standards for WLAN are still ambiguous for protection [8]
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.