A single supervised learning model to detect fake access points, frequency sweeping jamming and deauthentication attacks in IEEE 802.11 networks

Amoordon, Andy; Deniau, Virginie; Fleury, Anthony; Gransart, Christophe

doi:10.1016/j.mlwa.2022.100389

Cited by 5 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The approach of using an external device was due to the fact that they believed it was not a function the WAP could execute, a misconception our work has proven. Amoordon et al then extended their IDS method [ 57 ] by evaluating seven ML algorithms to determine whether the RSSI values of the beacon frames could provide additional accuracy. They argued that no single approach could detect rogue access points, jamming, and deauthentication attacks simultaneously and that their IDS could perform this, which is an assertion this work also disproves.…”

Section: Discussionmentioning

confidence: 99%

Preventing Attacks on Wireless Networks Using SDN Controlled OODA Loops and Cyber Kill Chains

Zanna

Radcliffe

Kumar

2022

Sensors

View full text Add to dashboard Cite

Impersonation-based attacks on wireless networks are easy to perform and can significantly impact network security. Their detection is problematic due to the attacks utilizing legitimate functions. This paper proposes a novel algorithm based on Observe-Orientate-Decide-Act (OODA) loop and Cyber Kill Chain (CKC) strategies to detect and neutralize these attacks. To evaluate this approach, we conducted experiments using four attack methods on a wireless router equivalent device, five wireless client devices, and two attack devices. The system employs a Radio Frequency (RF) device identification system and attack state machine implemented using a Software Defined Networking (SDN) architecture and the P4 programming language. The technique remains compliant with the IEEE 802.11 standard and requires no client-side modifications. The results show that the RF section detected 97.5% (average) of impersonated frames, and the overall method neutralized all attacks in the four attack scenarios. This outcome demonstrates that this technique, built on the OODA loops and CKC methodology, using SDN architecture and P4, is suitable for real-time detection and prevention of wireless impersonation attacks.

show abstract

Section: Discussionmentioning

confidence: 99%

Preventing Attacks on Wireless Networks Using SDN Controlled OODA Loops and Cyber Kill Chains

Zanna

Radcliffe

Kumar

2022

Sensors

View full text Add to dashboard Cite

show abstract

“…If one of them wants to issue a Deauthentication, it includes the hash in the Deauthentication to confirm its identity. The research [26] makes use of Supervised Learning to detect deauthentication attacks. The model collects the network traffic and focuses on three indicators: Frame Interval, Received Signal Strength Indicator (RSSI), and Sequence Number.…”

Section: Ieee 80211 Attacks Countermeasuresmentioning

confidence: 99%

An IEEE 802.11 MAC Layer Covert Channel Based On Supported Rates

Teca,

Natkaniec

2022

International Journal of Electronics and Telecommunications

View full text Add to dashboard Cite

Wireless Local Area Networks present several vulnerabilities that are exploited, and as a result, numerous attacks have been developed and used against them. Although countermeasures to detect and eliminate such threats have been created throughout the years, few methods exist to prevent the attacks. IEEE 802.11 covert channels could be considered a candidate to prevent Wi-Fi attacks since they allow secret communication between the client station and the access point without establishing an association. They can be implemented in frames that attackers do not target. This paper presents a new covert channel that prevents Wi-Fi attacks. We also describe metrics, and discuss the performance results of the proposed solution. We show that the new protocol is able to achieve high efficiency of operation.

show abstract

Experimental Jamming Detection Using Machine Learning in IEEE 802.11 Enterprise Networks

Teeda,

Scazzoli,

Magarini

et al. 2023

2023 IEEE Globecom Workshops (GC Wkshps)

View full text Add to dashboard Cite

A single supervised learning model to detect fake access points, frequency sweeping jamming and deauthentication attacks in IEEE 802.11 networks

Cited by 5 publications

References 12 publications

Preventing Attacks on Wireless Networks Using SDN Controlled OODA Loops and Cyber Kill Chains

Preventing Attacks on Wireless Networks Using SDN Controlled OODA Loops and Cyber Kill Chains

An IEEE 802.11 MAC Layer Covert Channel Based On Supported Rates

Experimental Jamming Detection Using Machine Learning in IEEE 802.11 Enterprise Networks

Contact Info

Product

Resources

About