Title :
A Comparison Between Signature and GP-Based IDSs for Link Layer Attacks on WiFi Networks
Author :
Makanju, Adetokunbo ; LaRoche, Patrick ; Zincir-Heywood, A. Nur
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS
Abstract :
Data link layer attacks on WiFi networks are known to be one of the weakest points of WiFi networks. While these attacks are very simple in implementation, their effect on WiFi networks can be devastating. To this end, several intrusion detection systems (IDS) have been employed to detect these attacks. In this paper, we compare the ability of Snort-Wireless and a genetic programming (GP) based intrusion detector, in the detection of a particular data link layer attack, namely the deauthentication attack. We focus particularly on a scenario where the attacker stealthily injects the attack frames into the target network. Results show that the GP based detection system is much more robust against the different versions of the attack compared to Snort-Wireless and can achieve a detection rate in average 100% and a false positive rate in average 0.1%
Keywords :
digital signatures; genetic algorithms; security of data; wireless LAN; GP-based IDS; WiFi networks; data link layer attacks; deauthentication attack; genetic programming; intrusion detection systems; intrusion detector; snort-wireless; Computational intelligence; Data security; Detectors; Genetic programming; Intrusion detection; Open systems; Robustness; Wireless application protocol; Wireless communication; Wireless networks;
Conference_Titel :
Computational Intelligence in Security and Defense Applications, 2007. CISDA 2007. IEEE Symposium on
Conference_Location :
Honolulu, HI
Print_ISBN :
1-4244-0700-1
DOI :
10.1109/CISDA.2007.368156
