
WiFi Miner: An Online Apriori-Infrequent Based Wireless Intrusion System

  • Conference paper
Knowledge Discovery from Sensor Data (Sensor-KDD 2008)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 5840)

Abstract

Intrusion detection in wireless networks has become a vital part of wireless network security systems with the widespread use of Wireless Local Area Networks (WLANs). Currently, almost all devices are Wi-Fi (Wireless Fidelity) capable and can access a WLAN. This paper proposes an intrusion detection system, WiFi Miner, which applies an infrequent-pattern association rule mining Apriori technique to wireless network packets captured through hardware sensors for real-time detection of intrusive or anomalous packets. The contributions of the proposed system include effectively adapting an efficient association rule data mining technique to the important problem of intrusion detection in a wireless network environment using hardware sensors, providing a solution that eliminates the need for hard-to-obtain training data in this environment, and providing an increased intrusion detection rate and a reduction in false alarms.

WiFi Miner's approach is to find frequent and infrequent patterns in pre-processed wireless connection records using the infrequent-pattern-finding Apriori algorithm proposed in this paper. The proposed Online Apriori-Infrequent algorithm improves the join and prune steps of the traditional Apriori algorithm with a rule that avoids joining itemsets not likely to produce frequent itemsets, thereby improving efficiency and run times significantly. An anomaly score is assigned to each packet (record) based on whether the record has more frequent or infrequent patterns. Connection records with positive anomaly scores have more infrequent patterns than frequent patterns and are considered anomalous packets.
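A minimal sketch of the scoring idea described in the abstract, added here as an illustration and not the authors' code: a level-wise Apriori pass that keeps the candidates it rejects for low support as infrequent patterns, then scores each record as infrequent matches minus frequent matches. The record fields, the 0.3 support threshold and the count-difference score are assumptions; the paper's modified join rule is not reproduced because this page does not describe it.

```python
from itertools import combinations

# Constructed sample: pre-processed connection records as sets of
# "field=value" items. Field names and values are illustrative assumptions.
NORMAL_A = frozenset({"type=data", "wep=1", "src=sta1"})
NORMAL_B = frozenset({"type=data", "wep=1", "src=sta2"})
ODD = frozenset({"type=mgmt", "wep=0", "src=sta1"})
RECORDS = [NORMAL_A] * 3 + [NORMAL_B] * 3 + [ODD]


def mine(records, min_support, max_len=3):
    """Level-wise Apriori that also keeps the itemsets it rejects.

    Returns (frequent, infrequent) as sets of frozensets. Infrequent
    patterns are the candidates whose support is below min_support.
    """
    n = len(records)
    candidates = {frozenset([item]) for r in records for item in r}
    frequent, infrequent = set(), set()
    k = 1
    while candidates and k <= max_len:
        level = set()
        for c in candidates:
            support = sum(c <= r for r in records) / n
            (level if support >= min_support else infrequent).add(c)
        frequent |= level
        k += 1
        # Join: union pairs of frequent (k-1)-itemsets into k-itemsets.
        joined = {a | b for a, b in combinations(level, 2) if len(a | b) == k}
        # Prune: every (k-1)-subset of a candidate must itself be frequent.
        candidates = {c for c in joined
                      if all(frozenset(s) in level
                             for s in combinations(c, k - 1))}
    return frequent, infrequent


def anomaly_scores(records, frequent, infrequent):
    """Assumed score: infrequent patterns matched minus frequent ones."""
    return [sum(p <= r for p in infrequent) - sum(p <= r for p in frequent)
            for r in records]


def flag_anomalies(records, min_support=0.3):
    """Indices of records with a positive anomaly score."""
    frequent, infrequent = mine(records, min_support)
    scores = anomaly_scores(records, frequent, infrequent)
    return [i for i, s in enumerate(scores) if s > 0]
```

No labelled training set is involved: the patterns are mined from the same window of records that is then scored.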




Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rahman, A., Ezeife, C.I., Aggarwal, A.K. (2010). WiFi Miner: An Online Apriori-Infrequent Based Wireless Intrusion System. In: Gaber, M.M., Vatsavai, R.R., Omitaomu, O.A., Gama, J., Chawla, N.V., Ganguly, A.R. (eds) Knowledge Discovery from Sensor Data. Sensor-KDD 2008. Lecture Notes in Computer Science, vol 5840. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12519-5_5

  • DOI: https://doi.org/10.1007/978-3-642-12519-5_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-12518-8

  • Online ISBN: 978-3-642-12519-5

  • eBook Packages: Computer Science, Computer Science (R0)
