A Statistical Pattern Mining Approach for Identifying Wireless Network Intruders

  • Conference paper
Advances in Computing and Information Technology

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 176)

Abstract

In this paper, we present a statistical pattern mining approach that models the usage patterns of authenticated users in order to identify wireless network intruders. Considering users' activities in terms of ICMP packets sent, DNS query requests and ARP requests, the approach consolidates authenticated users' activities over a period of time and derives a separate feature vector for each activity. It also derives a local threshold for each category of network data analyzed. The learned features and the local threshold for each category of data are used during the detection phase of the system to identify intruders in the network. The novelty of the proposed method lies in using PCA to eliminate redundant and irrelevant features, which often reduce detection performance in terms of both efficiency and accuracy. This also makes the proposed system lightweight and deployable in a real-time environment.

Author information

Corresponding author

Correspondence to Nur Al Hasan Haldar.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Haldar, N.A.H., Abulaish, M., Pasha, S.A. (2012). A Statistical Pattern Mining Approach for Identifying Wireless Network Intruders. In: Meghanathan, N., Nagamalai, D., Chaki, N. (eds) Advances in Computing and Information Technology. Advances in Intelligent Systems and Computing, vol 176. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31513-8_14

  • DOI: https://doi.org/10.1007/978-3-642-31513-8_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31512-1

  • Online ISBN: 978-3-642-31513-8

  • eBook Packages: Engineering, Engineering (R0)
