An Intelligent Approach to Detect Probe Request Attacks in IEEE 802.11 Networks

  • Deepthi N. Ratnayake
  • Hassan B. Kazemian
  • Syed A. Yusuf
  • Azween B. Abdullah
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 363)

Abstract

In Wireless Local Area Networks (WLAN), beacon, probe request and response messages are unprotected, so the information is visible to sniffers. Probe requests can be sent by anyone with a legitimate Media Access Control (MAC) address, as association to the network is not required at this stage. Legitimate MAC addresses can be easily spoofed to bypass Access Point (AP) access lists. Attackers take advantage of these vulnerabilities and send a flood of probe request frames which can lead to a Denial-of-Service (DoS) to legitimate stations. This paper discusses an intelligent approach to recognise probe request attacks in WLANs. The research investigates and analyses WLAN traffic captured on a home wireless network, and uses supervised feedforward neural network with 4 input neurons, 2 hidden layers and an output neuron to determine the results. The computer simulation results demonstrate that this approach improves detection of MAC spoofing and probe request attacks considerably.

Keywords

IEEE 802.11 DoS Attacks Probe Request Flooding Attacks Wireless Supervised Feedforward Neural Network 

References

  1. 1.
    Goel, S., Kumar, S.: An Improved Method of Detecting Spoofed Attack in Wireless LAN. In: 1st International NETCOM, pp. 104–108 (2009)Google Scholar
  2. 2.
    Sood, K., Eszenyi, M.: Discover how using the IEEE standards approach plugs vulnerabilities and thwarts attacks (2008), http://software.intel.com/en-us/articles/secure-management-of-ieee-80211-wireless-lans/
  3. 3.
    IEEE: IEEE Std 802.11w, pp. C1-91 (2009) Google Scholar
  4. 4.
    Bernaschi, N., Ferreri, M., Valcamonici, L.: Access points vulnerabilities to DoS attacks in 802.11 networks. Wireless Networks 14(2), 159–169 (2008)CrossRefGoogle Scholar
  5. 5.
    Rumín, A.C., Guy, C.: VoIP over WLAN 802.11b simulations for infrastructure and ad-hoc networks. In: Proceedings LCS 2006, pp. 61–64 (2006)Google Scholar
  6. 6.
    Karygiannis, T., Owens, L.: Wireless network security, 802.11, bluetooth and handheld devices: recommendations of the national institute of standards and technology, NIST Special Publication 800-48 (2002), http://www.itsec.gov.cn/webportal/download/74.pdf
  7. 7.
    Bicakci, K., Tavli, B.: Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks. Computer Standards and Interfaces 31(5), 931–941 (2009)CrossRefGoogle Scholar
  8. 8.
    Bansal, R., Tiwari, S., Bansal, D.: Non-cryptographic methods of MAC spoof detection in wireless LAN. In: IEEE ICON 2008, pp. 1–6 (2008)Google Scholar
  9. 9.
    Malekzadeh, M., Ghani, A.A.A., Desa, J., Subramaniam, S.: Security improvement for management frames in IEEE 802.11 wireless networks. IJCSNS 7(6) (2007)Google Scholar
  10. 10.
    Guo, F., Chiueh, T.: Sequence Number-Based MAC Address Spoof Detection. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 309–329. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Madory, D.: New Methods of Spoof Detection in 802.11b Wireless Networking (2006), http://www.ists.dartmouth.edu/library/195.pdf
  12. 12.
    Li, Q., Trappe, W.: Detecting Spoofing and Anomalous Traffic in Wireless Networks via Forge-Resistant Relationships. IEEE Transactions on Information Forensics and Security 2(4), 793–808 (2007)CrossRefGoogle Scholar
  13. 13.
    Faria, D.B., Cheriton, D.R.: Detecting identity-based attacks in wireless networks using signal prints. In: Proceedings of the 5th ACM Workshop on Wireless Security (2006) Google Scholar
  14. 14.
    Ahmad, I., Abdullah, A.B., Alghamdi, A.S.: Comparative Analysis of Intrusion Detection Approaches. In: UKSim, pp. 586–591 (2010) Google Scholar
  15. 15.
    Lim, Y.-X., Yer, T.S., Levine, J., Owen, H.L.: Wireless intrusion detection and response. In: IEEE SIA Workshop, Man and Cybernetics Society, pp. 68–75 (2003)Google Scholar
  16. 16.
    Pleskonjic, D.: Wireless Intrusion Detection Systems (WIDS). In: 19th Annual Computer Security Applications Conference (2003) Google Scholar
  17. 17.
    Yang, H., Xie, L., Sun, J.: Intrusion detection solution to WLANs. In: Proceedings of the IEEE 6th Circuits and Systems Symposium on Emerging Technologies: Frontiers of Mobile and Wireless Communication, vol. 2, pp. 553–556 (2004)Google Scholar
  18. 18.
    Dasgupta, D., Gomez, J., Gonzalez, F., Kaniganti, M., Yallapu, K., Yarramsetti, R.: MMDS: Multilevel Monitoring and Detection System. In: Proceedings of the 15 the Annual Computer Security Incident Handling Conference, Ottawa, Canada, pp. 22–27 (2003)Google Scholar
  19. 19.
    Ataide, R.L.D.R., Abdelouahab, Z.: An Architecture for Wireless Intrusion Detection Systems Using Artificial Neural Networks. In: Novel Algorithms and Techniques in Telecommunications and Networking, pp. 355–360. Springer, Netherlands (2010)CrossRefGoogle Scholar
  20. 20.
    Chavan, S., Shah, K., Dave, N., Mukherjee, S., Abraham, A., Sanyal, S.: Adaptive neuro-fuzzy intrusion detection systems. In: Proceedings of ITCC, vol. 1, pp. 70–74 (2004)Google Scholar
  21. 21.
    Toosi, A.N., Kahani, M.: A Neuro-Fuzzy Classifier for Intrusion Detection Systems, CSICC (2006), http://profdoc.um.ac.ir/articles/a/15.pdf
  22. 22.
    Ahmad, I., Abdullah, A.B., Alghamdi, A.S.: Application of artificial neural network in detection of DOS attacks. In: Proceedings of the 2nd International Conference on SIN (2009)Google Scholar
  23. 23.
    He, C., Mitchell, J.C.: Security analysis and improvements for IEEE 802.11i. In: Proc. of the 12th Annual Network and Distributed System Security Symp., pp. 90–110 (2005)Google Scholar
  24. 24.
    IEEE: IEEE Std 802.11-2007, pp. C1-1184 (2007) Google Scholar
  25. 25.
    Ahmad, I., Abdullah, A.B., Alghamdi, A.S.: Application of artificial neural network in detection of probing attacks. In: IEEE Symp. on ISIEA, vol. 2, pp. 557–562 (2009)Google Scholar

Copyright information

© International Federation for Information Processing 2011

Authors and Affiliations

  • Deepthi N. Ratnayake
    • 1
  • Hassan B. Kazemian
    • 1
  • Syed A. Yusuf
    • 1
  • Azween B. Abdullah
    • 1
    • 2
  1. 1.Faculty of ComputingLondon Metropolitan UniversityLondon
  2. 2.Universiti Teknologi PETRONASTronohMalaysia

Personalised recommendations