IEEE 802.11 anomaly-based behavior analysis

Fast, easy and inexpensive deployment of wireless networks has made them one of the most popular communication environments. Wireless networks are becoming ubiquitous and widely used to transfer critical information such as banking accounts, credit cards, e-mails and social network credentials. The more pervasive the wireless technology is going to be, the more important its security issue will be. The current security protocols for wireless networks have addressed the privacy and confidentiality issues, but failed to address other important security attributes such as availability and integrity (e.g. denial of service, session hijacking and MAC address spoofing attacks). In this paper we describe an anomaly-based intrusion detection system for the IEEE 802.11 wireless networks, based on tempo-spatial data analysis technique to detect deviations from normal behaviors that are triggered by wireless network attacks. Our anomaly behavior analysis of the 802.11 protocol is based on n-gram pattern analysis. We apply statistical techniques to quantify the n-transition patterns in the protocol and determine the probabilities of these transitions being normal.