Analysis of Performance Metrics on the Environment of Intrusions in IEEE 802.11 Networks with Machine Learning at Hospital N.S.C.
DOI: https://doi.org/10.33448/rsd-v12i4.41277
Keywords: Threats; Quality; Evidences.
Abstract
Security in IEEE 802.11 networks becomes more relevant every day, yet it has not kept pace with the threats these networks face. This work therefore proposes an Intrusion Detection System (IDS) based on machine learning and capable of self-improvement, intended to create a safe environment able to detect all disguised threats: Deauthentication, EAPOL-Logoff and Beacon Flood, which were launched on a real corporate network. The performance metrics were then correlated, among them the Matthews Correlation Coefficient, which measures the quality of the classification. For the Deauthentication anomaly, the Naive Bayes classifier obtained the highest value (88,71%), the Logistic Regression (Logistic) classifier reached a quality value of (88,69%), and J48 presented a lower value (88,47%). For the Beacon Flood attack, the Naive Bayes algorithm showed the highest detection rate (100,00%), followed by Logistic (99,95%), with J48 having the lowest value (98,85%). For the EAPOL-Logoff anomaly, the classifiers presented the same result (100,00%). For non-anomalous data (Normal), Naive Bayes reached (89,92%), followed by Logistic (89,89%), while J48 had a lower rate (89,67%). The evidence from the study indicates that it is possible to develop an intrusion detection system for wireless networks.
Copyright (c) 2023 Matheus Santos Andrade; Jonathas Carvalho de Freitas; Aldo César dos Santos Dultra; Ubiratan Silva de Souza Junior
This work is licensed under a Creative Commons Attribution 4.0 International License.