802.11 De-authentication Attack Detection Using Genetic Programming

  • Patrick LaRoche
  • A. Nur Zincir-Heywood
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3905)


This paper presents a genetic programming approach to detect deauthentication attacks on wireless networks based on the 802.11 protocol. To do so we focus on developing an appropriate fitness function and feature set. Results show that the intrusion system developed not only performs incredibly well – 100 percent detection rate and 0.5 percent false positive rate – but also developed a solution that is general enough to detect similar attacks, such as disassociation attacks, that were not present in the training data.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lundin, E., Jonsson, E.: Survey of intrusion detection research (2002)Google Scholar
  2. 2.
    Mukkamala, S., Sung, A.: A comparative study of techniques for intrusion detection. In: 15th IEEE International Conference on Tools with Artificial Intelligence – ICTAI, pp. 570–577 (2003)Google Scholar
  3. 3.
    Xia, T., Qu, G., Hariri, S., Yousif, M.: An efficient network intrusion detection method based on information theory and genetic algorithm. In: Performance, Computing, and Communications Conference, 2005. IPCCC 2005, pp. 11–17 (2005)Google Scholar
  4. 4.
    Sinclair, C., Pierce, L., Matzner, S.: An application of machine learning to network intrusion detection. In: Computer Security Applications Conference, ACSAC 1999, pp. 371–377 (1999)Google Scholar
  5. 5.
    Gong, R.H., Zulkernine, M., Abolmaesumi, P.: A software implementation of a genetic algorithm based approach to network intrusion detection. In: Sixth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing - SNPD/SAWN 2005, pp. 246–253 (2005)Google Scholar
  6. 6.
    Li, W.: Using genetic algorithm for network intrusion detection, Kansas City, Kansas. In: United States Department of Energy Cyber Security Group 2004 Training Conference (2004)Google Scholar
  7. 7.
    Song, D., Heywood, M.I., Zincir-Heywood, A.N.: Training genetic programming on half a million patterns: an example from anomaly detection. IEEE Transactions on Evolutionary Computation 9(3), 225–239 (2005)CrossRefGoogle Scholar
  8. 8.
    Lu, W., Traore, I.: Detecting new forms of network intrusion using genetic programming. In: Sarker, R., Reynolds, R., Abbass, H., Tan, K.C., McKay, B., Essam, D., Gedeon, T. (eds.) Proceedings of the 2003 Congress on Evolutionary Computation CEC 2003, Canberra, pp. 2165–2172. IEEE Press, Los Alamitos (2003)CrossRefGoogle Scholar
  9. 9.
    Crosbie, M., Spafford, E.H.: Applying genetic programming to intrusion detection. In: Siegel, E.V., Koza, J.R. (eds.) Working Notes for the AAAI Symposium on Genetic Programming, pp. 1–8. MIT, Cambridge (1995)Google Scholar
  10. 10.
    Bellardo, J., Savage, S.: 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In: USENIX Security Symposium, pp. 15–28 (2003)Google Scholar
  11. 11.
    IEEE-SA Standards Board: ANSI/IEEE Std 802.11, 1999 Edition (R2003). IEEE, New York (1999)Google Scholar
  12. 12.
    Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the key scheduling algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: The insecurity of 802.11 (2001),
  14. 14.
    Kershaw, M.: Kismet (2005),
  15. 15.
    Schmoyer, T., Lim, Y.X., Owen, H.: Wireless Intrusion Detection and Response: A case study using the classic man-in-the-middle attack. In: IEEE Wireless Communications and Networking Conference, Atlanta Ga (2004)Google Scholar
  16. 16.
    Heywood, M.I., Zincir-Heywood, A.N.: Dynamic page based crossover in linear genetic programming. IEEE Transactions on Systems, Man, and Cybernetics: Part B - Cybernetics 32(3), 380–388 (2002)CrossRefGoogle Scholar
  17. 17.
    Gathercole, C., Ross, P.: Dynamic training subset selection for supervised learning in genetic programming. In: Davidor, Y., Männer, R., Schwefel, H.-P. (eds.) PPSN 1994. LNCS, vol. 866, pp. 312–321. Springer, Heidelberg (1994)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Patrick LaRoche
    • 1
  • A. Nur Zincir-Heywood
    • 1
  1. 1.Faculty of Computer ScienceDalhousie UniversityHalifax, Nova ScotiaCanada

Personalised recommendations