Article

802.11 network intrusion detection using genetic programming

Authors:

Patrick LaRoche,

A. Nur Zincir-HeywoodAuthors Info & Claims

GECCO '05: Proceedings of the 7th annual workshop on Genetic and evolutionary computation

Pages 170 - 171

https://doi.org/10.1145/1102256.1102295

Published: 25 June 2005 Publication History

Get Access

Abstract

Genetic Programming (GP) based Intrusion Detection Systems (IDS) use connection state network data during their training phase. These connection states are recorded as a set of features that the GP uses to train and test solutions which allow for the efficient and accurate detection of given attack patterns. However, when applied to a 802.11 network that is faced with attacks specific to the 802.11 protocol, the GP's detection rate reduces dramatically. In this work we discuss what causes this effect, and what can be done to improve the GP's performance on 802.11 networks.

References

[1]

AusCERT. Denial of Service Vulnerability in IEEE 802.11 Wireless Devices. AusCERT AA-2004.02, Australian Computer Emergency Response Team, http://www.auscert.org.au/render.html?it=4091, 13 May 2004.

Google Scholar

[2]

IEEE-SA Standards Board. ANSI/IEEE Std 802.11, 1999 Edition (R2003). IEEE, New York, NY, USA, 1999.

Google Scholar

[3]

J. Bellardo and S. Savage. 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In USENIX Security Symposium, pages 15--28, 2003.

Digital Library

Google Scholar

[4]

R. Lfoeter. Wireless Lan Security Framework htttp://www.wlsec.net/void11/, 2002.

Google Scholar

[5]

M. Lynn and R. Baird. Advanced 802.11 attack. Black hat Briefings, July 2002.

Google Scholar

[6]

D. Song, R. Curry, M. I. Heywood, and A. N. Zincir-Heywood. On the efficient mining of network audit data using genetic programming. In GECCO 2004 Workshop Proceedings, Seattle, Washington, USA, 26--30 June 2004.

Google Scholar

[7]

D. Song, M. I. Heywood, and A. N. Zincir-Heywood. A linear genetic programming approach to intrusion detection. In Genetic and Evolutionary Computation - GECCO-2003, volume 2724 of LNCS, pages 2325--2336, Chicago, 12--16 July 2003. Springer-Verlag.

Digital Library

Google Scholar

[8]

S. T, L. Y.-X., and H. Owen. Wireless Intrusion Detection and Response: A case study using the classic man-in-the-middle attack. In IEEE Wireless Communications and Networking Conference, Atlanta Ga., March 2004.

Google Scholar

Cited By

View all

Amro SElizondo DSolanas AMartínez-Ballesté A(2012)Evolutionary Computation in Computer Security and Forensics: An OverviewComputational Intelligence for Privacy and Security10.1007/978-3-642-25237-2_3(25-34)Online publication date: 10-Jan-2012
https://doi.org/10.1007/978-3-642-25237-2_3
O'Connor TSangster BWetzel SNita-Rotaru CStajano F(2010)honeyMProceedings of the third ACM conference on Wireless network security10.1145/1741866.1741888(129-138)Online publication date: 22-Mar-2010
https://dl.acm.org/doi/10.1145/1741866.1741888
Wu SBanzhaf W(2010)ReviewApplied Soft Computing10.1016/j.asoc.2009.06.01910:1(1-35)Online publication date: 1-Jan-2010
https://dl.acm.org/doi/10.1016/j.asoc.2009.06.019
Show More Cited By

Index Terms

802.11 network intrusion detection using genetic programming
1. Computing methodologies
  1. Machine learning
    1. Learning paradigms
    2. Machine learning approaches
      1. Markov decision processes
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Machine learning theory
      1. Markov decision processes

Recommendations

Genetic algorithm with variable length chromosomes for network intrusion detection

Genetic algorithm (GA) has received significant attention for the design and implementation of intrusion detection systems. In this paper, it is proposed to use variable length chromosomes (VLCs) in a GA-based network intrusion detection system. Fewer ...
Intrusion Detection Model Based on Genetic Programming and Clustering Algorithm
ICEICE '12: Proceedings of the 2012 Second International Conference on Electric Information and Control Engineering - Volume 04

This paper proposes an intrusion detection model based on Artificial Immune and Neural Network. It detects network attack by Genetic Programming technology, and applies the clustering algorithm to classify the attack. This model can detect the unknown ...
Neural network crossover in genetic algorithms using genetic programming
Abstract
The use of genetic algorithms (GAs) to evolve neural network (NN) weights has risen in popularity in recent years, particularly when used together with gradient descent as a mutation operator. However, crossover operators are often omitted from ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

GECCO '05: Proceedings of the 7th annual workshop on Genetic and evolutionary computation

June 2005

431 pages

ISBN:9781450378000

DOI:10.1145/1102256

Conference Chair:
Franz Rothlauf
University of Mannheim, Germany

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 June 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

GECCO05

Sponsor:

SIGEVO

GECCO05: Genetic and Evolutionary Computation Conference

June 25 - 26, 2005

D.C., Washington

Acceptance Rates

Overall Acceptance Rate 1,669 of 4,410 submissions, 38%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
622
Total Downloads

Downloads (Last 12 months)1
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Amro SElizondo DSolanas AMartínez-Ballesté A(2012)Evolutionary Computation in Computer Security and Forensics: An OverviewComputational Intelligence for Privacy and Security10.1007/978-3-642-25237-2_3(25-34)Online publication date: 10-Jan-2012
https://doi.org/10.1007/978-3-642-25237-2_3
O'Connor TSangster BWetzel SNita-Rotaru CStajano F(2010)honeyMProceedings of the third ACM conference on Wireless network security10.1145/1741866.1741888(129-138)Online publication date: 22-Mar-2010
https://dl.acm.org/doi/10.1145/1741866.1741888
Wu SBanzhaf W(2010)ReviewApplied Soft Computing10.1016/j.asoc.2009.06.01910:1(1-35)Online publication date: 1-Jan-2010
https://dl.acm.org/doi/10.1016/j.asoc.2009.06.019
Qureshi ZAslam BMohsin AJaved Y(2008)Using randomized association ID to detect and prevent spoofed PS-Poll based denial of service attacks in IEEE 802.11 WLANsWSEAS TRANSACTIONS on COMMUNICATIONS10.5555/1455934.14559397:3(170-179)Online publication date: 1-Mar-2008
https://dl.acm.org/doi/10.5555/1455934.1455939
Martínez AZurutuza UUribeetxeberria RFernández MLizarraga JSerna AVélez I(2008)Beacon Frame Spoofing Attack Detection in IEEE 802.11 NetworksProceedings of the 2008 Third International Conference on Availability, Reliability and Security10.1109/ARES.2008.130(520-525)Online publication date: 4-Mar-2008
https://dl.acm.org/doi/10.1109/ARES.2008.130
Shafiq MFarooq M(2007)Defence against 802.11 dos attacks using artificial immune systemProceedings of the 6th international conference on Artificial immune systems10.5555/1776274.1776286(95-106)Online publication date: 26-Aug-2007
https://dl.acm.org/doi/10.5555/1776274.1776286
Qureshi ZAslam BMohsin AJaved Y(2007)A solution to spoofed PS-poll based denial of service attacks in IEEE 802.11 WLANsProceedings of the 11th Conference on 11th WSEAS International Conference on Communications - Volume 1110.5555/1348101.1348103(7-11)Online publication date: 26-Jul-2007
https://dl.acm.org/doi/10.5555/1348101.1348103
Shafiq MFarooq M(2007)Defence Against 802.11 DoS Attacks Using Artificial Immune SystemArtificial Immune Systems10.1007/978-3-540-73922-7_9(95-106)Online publication date: 2007
https://doi.org/10.1007/978-3-540-73922-7_9
Aslam BIslam MKhan S(2006)802.11 Disassociation DoS Attack and Its Solutions: A Survey2006 Proceedings of the First Mobile Computing and Wireless Communication International Conference10.1109/MCWC.2006.4375225(221-226)Online publication date: Sep-2006
https://doi.org/10.1109/MCWC.2006.4375225
Aslam BIslam MKhan S(2006)Pseudo Randomized Sequence Number Based Solution to 802.11 Disassociation Denial of Service Attack2006 Proceedings of the First Mobile Computing and Wireless Communication International Conference10.1109/MCWC.2006.4375224(215-220)Online publication date: Sep-2006
https://doi.org/10.1109/MCWC.2006.4375224

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Genetic algorithm with variable length chromosomes for network intrusion detection

Intrusion Detection Model Based on Genetic Programming and Clustering Algorithm

Neural network crossover in genetic algorithms using genetic programming