Intrusion detection in 802.11 networks: Empirical evaluation of threats and a public dataset

IEEE Communications Surveys and Tutorials

Volumn 18, Issue 1, 2016, Pages 184-208

  Kolias, Constantinos ^a   Kambourakis, Georgios ^a   Stavrou, Angelos ^b   Gritzalis, Stefanos ^a  

^a UNIVERSITY OF THE AEGEAN   (Greece)

^b George Mason University   (United States)

Author keywords

802.11; Attacks; Dataset; Intrusion detection; Security; WiFi

Indexed keywords

ARTIFICIAL INTELLIGENCE; LEARNING ALGORITHMS; LEARNING SYSTEMS; MERCURY (METAL); MOBILE SECURITY; NETWORK SECURITY; NEXT GENERATION NETWORKS; WI-FI; WIRELESS TELECOMMUNICATION SYSTEMS;

802.11; ATTACKS; DATASET; EMPIRICAL EVALUATIONS; NEXT-GENERATION WIRELESS NETWORK; SECURITY; SECURITY VULNERABILITIES; WIRELESS TECHNOLOGIES;

INTRUSION DETECTION;

EID: 84962359508     PISSN: None     EISSN: 1553877X     Source Type: Journal    
DOI: 10.1109/COMST.2015.2402161     Document Type: Article

References (69)

1. K. Bode, Wireless traffic to reach 11. 2 exabytes a month, Cisco, San Jose, CA, USA, 2013. [Online]. Available: http://www.dslreports.com/shownews/Cisco-Wireless-Traffic-to-Reach-112-Exabytes-a-Month-By-2017-123040
2. IEEE Standard for Information Technology, Telecommunications and Information Exchange Between Systems-Local and Metropolitan Area Networks-Specific Requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, IEEE Std. 802. 11-1997, 1997. [Online]. Available: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=654749
3. L. Yong-lei, J. Zhi-gang, C. Zhe, and L. Jing-wei, "Design and implementation of high-speed brute forcer for wpa/wpa2-psk [j]," Comput. Eng., vol. 37, no. 10, pp. 125-127, 2011.
4. T. Labs, Cloudcracker, Nov. 2014. [Online]. Available: http://www.cloudcracker.net
5. IEEE Standard for Information TechnologyTelecommunications and Information Exchange Between SystemsLocal and Metropolitan Area NetworksSpecific Requirements. Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications Amendment 4: Protected Management Frames, IEEE Std. 802. 11w-2009, 2009. [Online]. Available: http://standards.ieee.org/findstds/standard/802.11w-2009.html
6. M. S. Ahmad and S. Tadakamadla, "Short paper: Security evaluation of IEEE 802. 11w specification," in Proc. 4th ACM Conf. Wireless Netw. Security, 2011, pp. 53-58.
7. Aircrack-ng, Nov. 2014. [Online]. Available: http://www.aircrack-ng.org
8. C. He and J. C. Mitchell, "Security analysis and improvements for IEEE 802. 11i," in Proc. 12th Annu. NDSS Symp., Stanford, CA, USA, 2005, pp. 90-110.
9. L. Wang and B. Srinivasan, "Analysis and improvements over DoS attacks against IEEE 802. 11i standard," in Proc. 2nd Int. Conf. NSWCTC, 2010, vol. 2, pp. 109-113.
10. Cisco. (2014, Nov. ). Cisco adaptive wireless IPS software, San Jose, CA, USA. [Online]. Available: http://www.cisco.com/c/en/us/products/collateral/wireless/adaptive-wireless-ips-software/data-sheet-c78-501388.pdf
11. A. Tsakountakis, G. Kambourakis, and S. Gritzalis, "Towards effective wireless intrusion detection in IEEE 802. 11i," in Proc. 3rd Int. Workshop SECPerU, 2007, pp. 37-42.
12. N. Borisov, I. Goldberg, and D. Wagner, "Intercepting mobile communications: The insecurity of 802. 11," in Proc. 7th Annu. Int. Conf. Mobile Comput. Netw., 2001, pp. 180-189.
13. K.-H. Baek, S. W. Smith, and D. Kotz, "A survey of WPA and 802. 11i RSN authentication protocols," Dartmouth College Comput. Sci., Tech. Rep., 2004.
14. R. Gass, J. Scott, and C. Diot, "Measurements of in-motion 802. 11 networking," in Proc. 7th IEEE WMCSA, 2005, pp. 69-74.
15. The kdd99 Dataset, Nov. 2014. [Online]. Available: http://kdd.ics.uci.edu/databases/kddcup99/task.html
16. IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems, IEEE Std. 802. 16e-2005, i. s., 2005. [Online]. Available: http://standards.ieee.org/getieee802/download/802.16e-2005.pdf
17. Eur. Telecommun. Standards Inst. (2011). Universal Mobile Telecommunications System (UMTS); User Equipment (UE) Radio Transmission and Reception (FDD), 3rd Generation Partnership Project, Cedex, France. [Online]. Available: http://www.3gpp.org/specifications/79-specification-numbering
18. 3rd Generation Partnership Project. (2011). LTE; Evolved Universal Terrestrial Radio Access (E-UTRA); User Equipment (UE) Radio Transmission and Reception (3GPP TS 36. 101 Version 10. 3. 0 Release 10), Cedex, France. [Online]. Available: http://www.3gpp.org/DynaReport/36-series.htm
19. R. do Carmo and M. Hollick, "Dogoids: A mobile and active intrusion detection system for IEEE 802. 11s wireless mesh networks," in Proc. 2nd ACM Workshop Hot Topics Wireless Netw. Security Privacy, 2013, pp. 13-18.
20. N. Lyamin, A. Vinel, M. Jonsson, and J. Loo, "Real-time detection of denial-of-service attacks in IEEE 802. 11p vehicular networks," IEEE Commun. Lett., vol. 18, no. 1, pp. 110-113, Jan. 2014.
21. Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. Amendment 4: Enhancements for Very High Throughput for Operation in Bands Below 6 GHz, 2013. [Online]. Available: http://standards.ieee.org/getieee802/download/802.11ac-2013.pdf
22. L. Devi and A. Suganthi, "Denial of service attacks in wireless networks: The case of jammers," Int. J. Comput. Sci. Mobile Comput., vol. 3, no. 1, pp. 548-558, Jan. 2014.
23. S. Fluhrer, I. Mantin, and A. Shamir, "Weaknesses in the key scheduling algorithm of RC4," in Proc. Sel. Areas Cryptography, 2001, pp. 1-24.
24. A. Bittau, "Additional weak IV classes for the FMS attack," Dept. Comput. Sci., Univ. College London, London, U. K., 2003.
25. H. Berghel and J. Uecker, "WiFi attack vectors," Commun. ACM, vol. 48, no. 8, pp. 21-28, Aug. 2005.
26. R. Chaabouni, "BreakWEPfasterwithstatistical analysis,"Ecole Polytechnique Federale de Lausanne, Lausanne, Switzerland, Tech. Rep., 2006.
27. E. Tews, R.-P. Weinmann, and A. Pyshkin, "Breaking 104 bit WEP in less than 60 seconds," in Proc. 8th Int. Conf. Inf. Security Appl., 2007, pp. 188-202.
28. A. Klein, "Attacks on the RC4 stream cipher," Des., Codes Cryptography, vol. 48, no. 3, pp. 269-286, Sep. 2008.
29. R. Moskowitz, "Weakness in passphrase choice in WPA interface," Int. Comput. Security Assoc. Labs, 2003.
30. Y. Liu, Z. Jin, and Y. Wang, "Survey on security scheme and attacking methods of wpa/wpa2," in Proc. 6th Int. Conf. WiCOM, 2010, pp. 1-4.
31. Kore K, Nov. 2014, Chopchop (experimental WEP attacks). Online]. Available: http://www.netstumbler.org/unix-linux/chopchopexperimental-wep-attacks-t12489.html
32. A. Bittau, "The fragmentation attack in practice," in Proc. IEEE Symp. Security Privacy, 2005, pp. 1-15.
33. M. S. Ahmad and V. Ramachandran, Cafe latte with a free topping of cracked WEP retrieving WEP keys from road warriors 2007.
34. Hirte attack, Nov. 2014. [Online]. Available: http://www.aircrack-ng.org/doku.php?id=airbase-ng#hirte-attack-in-access-point-mode
35. IEEE Standard for Information Technology-Telecommunications and Information Exchange Between Systems-Local and Metropolitan Area Networks-Specific requirements. Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. Amendment 5: Enhancements for Higher Throughput, IEEE Std. 802. 11n-2009, 2012. [Online]. Available: http://standards.ieee.org/getieee802/download/802.11n-2009.pdf
36. K. Bicakci and B. Tavli, "Denial-of-service attacks and countermeasures in IEEE 802. 11 wireless networks," Comput. Standards Interfaces, vol. 31, no. 5, pp. 931-941, Sep. 2009.
37. T. D. Nguyen, D. Nguyen, B. N. Tran, H. Vu, and N. Mittal, "A lightweight solution for defending against deauthentication/disassociation attacks on 802. 11 networks," in Proc. 17th ICCCN, 2008, pp. 1-6.
38. I. Tinnirello and S. Choi, "Efficiency analysis of burst transmissions with block ACK in contention-based 802. 11e WLANs," in Proc. IEEE ICC, 2005, vol. 5, pp. 3455-3460.
39. Review of a MPDU DoS Issue, Nov. 2014. [Online]. Available: https://mentor.ieee.org/802.11/file/07/11-07-2163-01-000n-a-mpdu-securityissues.ppt
40. C. Liu, J. Yu, and G. Brewster, "Empirical studies and queuing modeling of denial of service attacks against 802. 11 WLANs," in Proc. IEEE Int. Symp. WoWMoM, 2010, pp. 1-9.
41. L. F. Meiners, "But ⋯ my Station is Awake! Power Save Denial of Service in 802. 11 Networks," 2009.
42. W. Gu, Z. Yang, D. Xuan, W. Jia, and C. Que, "Null data frame: A doubleedged sword in IEEE 802. 11 WLANs," IEEE Trans. Parallel Distrib. Syst., vol. 21, no. 7, pp. 897-910, Jul. 2010.
43. M. Malekzadeh, A. A. Ghani, J. Desa, and S. Subramaniam, "Empirical analysis of virtual carrier sense flooding attacks over wireless local area network," J. Comput. Sci., vol. 5, no. 3, pp. 214-220, 2009.
44. S. S. Sawwashere and S. U. Nimbhorkar, "Survey of RTS-CTS attacks in wireless network," in Proc. 4th Int. Conf. CSNT, 2014, pp. 752-755.
45. A. Martinez, U. Zurutuza, R. Uribeetxeberria, M. Fernandez, J. Lizarraga, A. Serna, and I Velez, "Beacon frame spoofing attack detection in IEEE 802. 11 networks," in Proc. 3rd Int. Conf. ARES, Mar. 2008, pp. 520-525.
46. F. Ferreri, M. Bernaschi, and L. Valcamonici, "Access points vulnerabilities to DoS attacks in 802. 11 networks," in Proc. WCNC, 2004, pp. 634-638.
47. N. Al-Gharabally, N. El-Sayed, S. Al-Mulla, and I. Ahmad, "Wireless Honeypots: Survey and assessment," in Proc. Conf. Inf. Sci., Technol. Appl., 2009, pp. 45-52.
48. Y. Song, C. Yang, and G. Gu, "Who is peeping at your passwords at Starbucks? To catch an evil twin access point," in Proc. IEEE/IFIP Int. Conf. DSN, 2010, pp. 323-332.
49. R. Beyah and A. Venkataraman, "Rogue-access-point detection: Challenges, solutions, future directions," IEEE Security Privacy, vol. 9, no. 5, pp. 56-61, Sep. /Oct. 2011.
50. A. M. Patel, A. R. Patel, and H. R. Patel, "Rap problems and solutions in 802. 11 wireless LAN," Int. J., vol. 2, no. 1, pp. 669-674, Jan. 2014.
51. V. Ramachandran, Backtrack 5 Wireless Penetration Testing: Beginners Guide. Birmingham, U. K. : Packt Publishing Ltd., 2011.
52. Mdk3, Nov. 2014. [Online]. Available: http://hack-it.org/index.php? title=Mdk3
53. File2air, Nov. 2014. [Online]. Available: http://www.willhackforsushi.com/?page-id=19
54. Lorcon-old source code, Nov. 2014. [Online]. Available: https://aur.archlinux.org/packages/lorcon-old-git/?setlang=en
55. Lorcon2 library, Nov. 2014. [Online]. Available: https://code.google.com/p/lorcon
56. J. Bellardo and S. Savage, "802. 11 denial-of-service attacks: Real vulnerabilities and practical solutions," in Proc. USENIX Security, 2003, pp. 15-28.
57. L. Arockiam, B. Vani, S. Sivagowry, and A. Persia, "A solution to prevent resource flooding attacks in 802. 11 WLAN," in Proc. Global Trends Comput. Commun. Syst., 2012, pp. 607-616.
58. H. Gonzales, K. Bauer, J. Lindqvist, D. McCoy, and D. Sicker, "Practical defenses for evil twin attacks in 802. 11," in Proc. IEEE GLOBECOM, 2010, pp. 1-6.
59. Metasploit, Nov. 2014. [Online]. Available: http://www.metasploit.com
60. Wireshark, Nov. 2014. [Online]. Available: http://www.wireshark.org
61. AWID. (2014, Nov. ). Aegean wireless intrusion dataset, Samos, Greece. Online]. Available: www.icsd.aegean.gr/awid/downloads
62. Univ. Waikato. (2014, Nov. ). Weka 3: Data mining software in Java, Hamilton, New Zealand. [Online]. Available: http://www.cs.waikato.ac.nz/ml/weka
63. N. P. Neelakantan and C. Nagesh, "Role of feature selection in intrusion detection systems for 802. 11 networks," Int. J. Smart Sensors Ad Hoc Netw., vol. 1, no. 1, pp. 98-101, 2011.
64. G. Kambourakis, C. Kolias, S. Gritzalis, and J. H. Park, "DoS attacks exploiting signaling in UMTS and IMS," Comput. Commun., vol. 34, no. 3, pp. 226-235, 2011.
65. C. Kolias, G. Kambourakis, and S. Gritzalis, "Attacks and countermeasures on 802. 16: Analysis and assessment," IEEE Commun. Surveys Tuts., vol. 15, no. 1, pp. 487-514, 2013.
66. C. Kolias, G. Kambourakis, and M. Maragoudakis, "Swarm intelligence in intrusion detection: A survey," Comput. Security, vol. 30, no. 8, pp. 625-642, 2011.
67. J. Hu, X. Yu, D. Qiu, and H.-H. Chen, "A simple and efficient hidden Markov model scheme for host-based anomaly intrusion detection," IEEE Netw., vol. 23, no. 1, pp. 42-47, Jan. /Feb. 2009.
68. S. X. Wu and W. Banzhaf, "The use of computational intelligence in intrusion detection systems: A review," Appl. Soft Comput., vol. 10, no. 1, pp. 1-35, 2010.
69. M. A. Beyer and D. Laney, "The Importance of big Data: A Definition". Stamford, CT, USA: Gartner, 2012.