TermID: a distributed swarm intelligence-based approach for wireless intrusion detection

  • Regular Contribution
  • International Journal of Information Security

Abstract

With the mushrooming of wireless access infrastructures, the amount of data generated, transferred and consumed by the users of such networks has taken on enormous proportions. This fact further complicates the task of network intrusion detection, especially when advanced machine learning (ML) operations are involved in the process. In wireless environments, the monitored data are naturally distributed among the numerous sensor nodes of the system. Therefore, the analysis of data must happen either in a central location, after first collecting it from the sensors, or locally through collaboration, by treating the problem from a distributed ML perspective. In both cases, concerns arise regarding the requirements of this demanding task in terms of required network resources and achieved security/privacy. This paper proposes TermID, a distributed network intrusion detection system that is well suited for wireless networks. The system is based on classification rule induction and swarm intelligence principles to achieve efficient model training for intrusion detection purposes, without exchanging sensitive data. An additional achievement is that the produced model is easily readable by humans. While these are the main design principles of our approach, the accuracy of the produced model is not compromised by the distribution of the tasks and remains at competitive levels. Both of the aforementioned claims are verified by the results of detailed experiments conducted with a publicly available security-focused wireless dataset.

Acknowledgments

The authors sincerely thank the anonymous referees and the associate editor for their insightful comments and suggestions that helped to considerably improve the technical quality of the paper.

Author information

Corresponding author

Correspondence to Constantinos Kolias.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Research Involving Human Participants and/or Animals

The authors declare that no human participants were involved in this research.

Informed Consent

This research did not include healthcare intervention of human participants.

About this article

Cite this article

Kolias, C., Kolias, V. & Kambourakis, G. TermID: a distributed swarm intelligence-based approach for wireless intrusion detection. Int. J. Inf. Secur. 16, 401–416 (2017). https://doi.org/10.1007/s10207-016-0335-z

  • DOI: https://doi.org/10.1007/s10207-016-0335-z
