Wireless intrusion prevention system using dynamic random forest against wireless MAC spoofing attack

Seok-Hwan Choi, Doo-Hee Hwang, Yoon-Ho Choi
{"title":"Wireless intrusion prevention system using dynamic random forest against wireless MAC spoofing attack","authors":"Seok-Hwan Choi, Doo-Hee Hwang, Yoon-Ho Choi","doi":"10.1109/DESEC.2017.8073804","DOIUrl":null,"url":null,"abstract":"With the emergency of Bring Your Own Device (BOYD) and Internet of Things (IoT) in enterprises, there has been an increase in the use of wireless networks through mobile devices and tablet computers. However, as a negative effect, such increase has also led to increased security threat in wireless networks and thus, the importance of wireless network security has increased. As a way to cope with such threat, many enterprises have introduced wireless intrusion prevention system (WIPS) solution, which consists of WIPS sensors and a centralized WIPS server. By monitoring the radio signal in wireless local area networks (LAN), WIPS solution shuts off access by an unauthorized wireless device and prevents an rogue Access Point (AP). In this paper, we propose an implementation framework for WIPS solution that ananlzes the received signal strength (RSS) values collected from multiple WIPS sensors. By overcoming the performance (including accuracy and F-measure) decrease in the wireless environment with much noise, the proposed WIPS solution shows the high performance even under the wireless environment with low signal-to-noise ratio (SNR). For this purpose, the proposed WIPS solution analyzes the RSS values collected from multiple WIPS sensors by using a dynamic random forest (DRF) algorithm. By adding trees that are the most suitable to forest, the DRF algorithm can improve the performance of the WIPS solution. From the experimental results, it is observed that the proposed WIPS solution combined with the DRF algorithm shows the good-enough performance under various SNR and attack distance.","PeriodicalId":92346,"journal":{"name":"DASC-PICom-DataCom-CyberSciTech 2017 : 2017 IEEE 15th International Conference on Dependable, Autonomic and Secure Computing ; 2017 IEEE 15th International Conference on Pervasive Intelligence and Computing ; 2017 IEEE 3rd International...","volume":"10 1","pages":"131-137"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"DASC-PICom-DataCom-CyberSciTech 2017 : 2017 IEEE 15th International Conference on Dependable, Autonomic and Secure Computing ; 2017 IEEE 15th International Conference on Pervasive Intelligence and Computing ; 2017 IEEE 3rd International...","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DESEC.2017.8073804","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 7

Abstract

With the emergency of Bring Your Own Device (BOYD) and Internet of Things (IoT) in enterprises, there has been an increase in the use of wireless networks through mobile devices and tablet computers. However, as a negative effect, such increase has also led to increased security threat in wireless networks and thus, the importance of wireless network security has increased. As a way to cope with such threat, many enterprises have introduced wireless intrusion prevention system (WIPS) solution, which consists of WIPS sensors and a centralized WIPS server. By monitoring the radio signal in wireless local area networks (LAN), WIPS solution shuts off access by an unauthorized wireless device and prevents an rogue Access Point (AP). In this paper, we propose an implementation framework for WIPS solution that ananlzes the received signal strength (RSS) values collected from multiple WIPS sensors. By overcoming the performance (including accuracy and F-measure) decrease in the wireless environment with much noise, the proposed WIPS solution shows the high performance even under the wireless environment with low signal-to-noise ratio (SNR). For this purpose, the proposed WIPS solution analyzes the RSS values collected from multiple WIPS sensors by using a dynamic random forest (DRF) algorithm. By adding trees that are the most suitable to forest, the DRF algorithm can improve the performance of the WIPS solution. From the experimental results, it is observed that the proposed WIPS solution combined with the DRF algorithm shows the good-enough performance under various SNR and attack distance.
无线入侵防御系统利用动态随机森林抵御无线MAC欺骗攻击
随着企业“自带设备”(Bring Your Own Device, BOYD)和物联网(Internet of Things, IoT)的兴起,通过移动设备和平板电脑使用无线网络的情况有所增加。然而,这种增加的负面影响也导致无线网络的安全威胁增加,因此,无线网络安全的重要性增加。为了应对这种威胁,许多企业引入了无线入侵防御系统(WIPS)解决方案,该解决方案由WIPS传感器和集中式WIPS服务器组成。WIPS解决方案通过监控无线局域网(LAN)中的无线电信号,切断未经授权的无线设备的接入,防止非法接入点(AP)的出现。在本文中,我们提出了一个WIPS解决方案的实现框架,分析从多个WIPS传感器收集的接收信号强度(RSS)值。该方案克服了在高噪声无线环境下性能(包括精度和F-measure)下降的问题,即使在低信噪比的无线环境下也能保持较高的性能。为此,提出的WIPS解决方案使用动态随机森林(DRF)算法分析从多个WIPS传感器收集的RSS值。通过添加最适合森林的树,DRF算法可以提高WIPS方案的性能。实验结果表明,本文提出的WIPS方案与DRF算法相结合,在不同信噪比和攻击距离下均具有良好的性能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信