University of Hertfordshire

Identification of probe request attacks in WLANs using neural networks

Research output: Contribution to journalArticle

  • Deepthi N. Ratnayake
  • Hassan B. Kazemian
  • Syed A. Yusuf
View graph of relations
Original languageEnglish
Pages (from-to)1-14
Number of pages14
JournalNeural Computing and Applications
Volume25
Issue1
DOIs
Publication statusPublished - 1 Jan 2014

Abstract

Any sniffer can see the information sent through unprotected 'probe request messages' and 'probe response messages' in wireless local area networks (WLAN). A station (STA) can send probe requests to trigger probe responses by simply spoofing a genuine media access control (MAC) address to deceive access point (AP) controlled access list. Adversaries exploit these weaknesses to flood APs with probe requests, which can generate a denial of service (DoS) to genuine STAs. The research examines traffic of a WLAN using supervised feed-forward neural network classifier to identify genuine frames from rogue frames. The novel feature of this approach is to capture the genuine user and attacker training data separately and label them prior to training without network administrator's intervention. The model's performance is validated using self-consistency and fivefold cross-validation tests. The simulation is comprehensive and takes into account the real-world environment. The results show that this approach detects probe request attacks extremely well. This solution also detects an attack during an early stage of the communication, so that it can prevent any other attacks when an adversary contemplates to start breaking into the network.

ID: 16354983