Cluster Based Anomaly Detection in Wireless LAN
P.Kavitha , M.Usha."Cluster Based Anomaly Detection in Wireless LAN". International Journal of Computer Trends and Technology (IJCTT) V12(5):227-230, June 2014. ISSN:2231-2803. www.ijcttjournal.org. Published by Seventh Sense Research Group.
Abstract -
Data mining methods have gained importance in addressing computer network security. Existing Rule based classification models for anomaly detection are ineffective in dealing with dynamic changes in intrusion patterns and characteristic. Unsupervised learning methods have been given a closer look for network anomaly detection. We investigate hierarchical clustering algorithm for anomaly detection in wireless LAN traffic. Since there is no standard datasets available to do research in wireless network, we simulated a wireless LAN using NS-2 and the traces are used to observe the traffic patterns. Our study demonstrates the usefulness and promise of the proposed approach which uses hierarchical cluster based framework for anomaly detection in wireless computer networks to produce low false positive alarm and high detection rate also compared with the real time wireless traffic. This system can help Wireless network management system to quickly identify the attacks, which extends the system administrators security management capabilities and improve the integrity of the information security infrastructures.
References
[1] Khoshgoftaar, T.M., Nath, S.V., Zhong, S., Seliya, N, “Intrusion detection in wireless networks using clustering techniques with expert analysis”, in proc. of the ICMLA 2005:Fourth International Conference on Machine Learning and Applications, pp. 120-125, 2005.
[2] Zhong, S., Khoshgoftaar, T.M., Nath, S.V., “A Clustering approach to wireless network intrusion detection”, in proc. Of the International Conference on Tools with Artificial Intelligence, ICTAI 2005, pp. 190-196, 2005.
[3] Zhong, T. M. Khoshgoftaar, and N. Seliya Clustering-based network intrusion detection. International Journal of Reliability, Quality, and Safety Engineering,2007.
[4] P.Kavitha, M.Usha,”Classifier Selection Model for Network Intrusion Detection using Data Mining”, CiiT International Journal of Data Mining and Knowledge Engineering, Vol 3,No.12 ,2011.
[5]P.Kavitha, Usha.M,”Detecting Anomalies in WLAN using Discrimination Algorithm” 4th International Conference on Computing, Communication and Networking Technologies - ICCCNT 2013,July 2013.
[6]M. Balazinska and P. Castro. Characterizing mobility and network usage in a corporate wireless local-area network. In The 1st Int. Conf. Mobile Systems, Applications, and Services, 2003
[7]Wireless network intrusion detection system : Implementation and architectural issues – Gianluca Papaleo, 2006.
[8]Jiawei Han, and Micheline Kamber. Data Mining:Concepts and Techniques. Higher Education Press, 2001.
[9]Wired and wireless intrusion detection system : Classification, good characteristics and state-of-the-art . – Tarek S. Sobh, Elsevier, 2005
[10]A real- time network intrusion detection system for large scale attacks based on an incremental mining approach – Ming-Yang Su, Gwo-Jong Yu, Chun-Yuen Lin Elsevier 2008.
[11].Wireless intrusion detection based on different clustering approaches – Athira. M . Nambiar, Asha Vijayan, Aishwarya Nandakumar,A2CWiC 2010.
[12].Wireless intrusion detection : Not as easy as traditional network intrusion detection – Zhiqi Tao, A.B. Ruighaver, 2006.
[13].An intrusion detection Model, Dorothy E. Denning, IEEE 1986.
[14]Effective network intrusion detection using classifiers decision trees and decision rules – G. Meera Gandhi, Kumaravel Appavoo, S.K, Srivatsa , Int. J. Advanced networking and applications – Vol.2, issue-3, 2010.
[15].B. Potter, B. Fleck, 802.11 Security. O’Reilly & Associates Inc, 2003, ch2, pp. 18- 29. G. Held, Securing Wireless LANs. John Wiley & Sons Ltd, 2003, ch 5,pp. 113-148.
[16] L. Ertoz, E. Eilertson, A. Lazarevic, P. Tan, J. Srivastava, V. Kumar, and P. Dokas. The MINDS-Minnesota Intrusion Detection System in Next Generation Data Mining, chapter 3. MINDs, 2004.
[17] Y. Guan, A. L. Ghorbani, and N. Belacel. Y-means: A clustering method for intrusion detection. In Proceedings of the Canadian Conference on Electrical and Computer Engineering (IEEE CCECE), 2003.
[18] P. Chhabra, A. John, and H. Saran. PISA: Automatic extraction of traffic signatures. In Proceedings of IFIP Networking, 2005.
[19] K. Burbeck and S. Tehrani. ADWICE -Anomaly detection with realtime incremental clustering. In Proceedings of the 7th International Conference on Information Security and Cryptology, Seoul, Korea, 2004.
[20] F. Guo and T. Chiueh. Sequence number-based MAC address spoof detection.In http://www.ecsl.cs.sunysb.edu/tr/TR182.pdf, 2005.
[21]T. Zhang, R. Ramakrishnan, and M. Livny. BIRCH: An efficient data clustering method for very large databases. In Proceedings of the ACM SIGMOD International Conference on Management of Data, Montreal,Canada, 1996.
[22]Wireless Communications & Networks Second Edition, William Stallings, PHI 2006.
Keywords
Anomaly detection, Wireless Network, Data mining, Clustering , Wireless LAN Traffic data.