Abstract
This paper presents a genetic programming approach to detect deauthentication attacks on wireless networks based on the 802.11 protocol. To do so we focus on developing an appropriate fitness function and feature set. Results show that the intrusion system developed not only performs incredibly well – 100 percent detection rate and 0.5 percent false positive rate – but also developed a solution that is general enough to detect similar attacks, such as disassociation attacks, that were not present in the training data.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lundin, E., Jonsson, E.: Survey of intrusion detection research (2002)
Mukkamala, S., Sung, A.: A comparative study of techniques for intrusion detection. In: 15th IEEE International Conference on Tools with Artificial Intelligence – ICTAI, pp. 570–577 (2003)
Xia, T., Qu, G., Hariri, S., Yousif, M.: An efficient network intrusion detection method based on information theory and genetic algorithm. In: Performance, Computing, and Communications Conference, 2005. IPCCC 2005, pp. 11–17 (2005)
Sinclair, C., Pierce, L., Matzner, S.: An application of machine learning to network intrusion detection. In: Computer Security Applications Conference, ACSAC 1999, pp. 371–377 (1999)
Gong, R.H., Zulkernine, M., Abolmaesumi, P.: A software implementation of a genetic algorithm based approach to network intrusion detection. In: Sixth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing - SNPD/SAWN 2005, pp. 246–253 (2005)
Li, W.: Using genetic algorithm for network intrusion detection, Kansas City, Kansas. In: United States Department of Energy Cyber Security Group 2004 Training Conference (2004)
Song, D., Heywood, M.I., Zincir-Heywood, A.N.: Training genetic programming on half a million patterns: an example from anomaly detection. IEEE Transactions on Evolutionary Computation 9(3), 225–239 (2005)
Lu, W., Traore, I.: Detecting new forms of network intrusion using genetic programming. In: Sarker, R., Reynolds, R., Abbass, H., Tan, K.C., McKay, B., Essam, D., Gedeon, T. (eds.) Proceedings of the 2003 Congress on Evolutionary Computation CEC 2003, Canberra, pp. 2165–2172. IEEE Press, Los Alamitos (2003)
Crosbie, M., Spafford, E.H.: Applying genetic programming to intrusion detection. In: Siegel, E.V., Koza, J.R. (eds.) Working Notes for the AAAI Symposium on Genetic Programming, pp. 1–8. MIT, Cambridge (1995)
Bellardo, J., Savage, S.: 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In: USENIX Security Symposium, pp. 15–28 (2003)
IEEE-SA Standards Board: ANSI/IEEE Std 802.11, 1999 Edition (R2003). IEEE, New York (1999)
Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the key scheduling algorithm of RC4. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 1–24. Springer, Heidelberg (2001)
Borisov, N., Goldberg, I., Wagner, D.: Intercepting mobile communications: The insecurity of 802.11 (2001), http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
Kershaw, M.: Kismet (2005), http://www.kismetwireless.net/
Schmoyer, T., Lim, Y.X., Owen, H.: Wireless Intrusion Detection and Response: A case study using the classic man-in-the-middle attack. In: IEEE Wireless Communications and Networking Conference, Atlanta Ga (2004)
Heywood, M.I., Zincir-Heywood, A.N.: Dynamic page based crossover in linear genetic programming. IEEE Transactions on Systems, Man, and Cybernetics: Part B - Cybernetics 32(3), 380–388 (2002)
Gathercole, C., Ross, P.: Dynamic training subset selection for supervised learning in genetic programming. In: Davidor, Y., Männer, R., Schwefel, H.-P. (eds.) PPSN 1994. LNCS, vol. 866, pp. 312–321. Springer, Heidelberg (1994)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
LaRoche, P., Zincir-Heywood, A.N. (2006). 802.11 De-authentication Attack Detection Using Genetic Programming. In: Collet, P., Tomassini, M., Ebner, M., Gustafson, S., Ekárt, A. (eds) Genetic Programming. EuroGP 2006. Lecture Notes in Computer Science, vol 3905. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11729976_1
Download citation
DOI: https://doi.org/10.1007/11729976_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33143-8
Online ISBN: 978-3-540-33144-5
eBook Packages: Computer ScienceComputer Science (R0)