Wired LAN and Wireless LAN Attack Detection Using Signature Based and Machine Learning Tools

Kaur, Jaspreet

doi:10.1007/978-981-10-4585-1_2

Jaspreet Kaur⁶

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 3))

919 Accesses
6 Citations

Abstract

There are various attack which is possible in the network, it may be from externally or internally. But internal attacks are more dangerous than external. So, my mainly concern upon Wireless LAN and Wired LAN attacks which occurs internally. There are various Signature based tools, IDS/IPS (Intrusion detection or prevention system) available now-a-days for detecting these types of attacks but these are not sufficient due to high false alarm rate. So, I detect these types of attacks with three ways: through Wireshark, with signature based tools (Snort and Kismet) and with machine learning tools (WEKA). In wired LAN attack, my mainly concern on PING scan or PING flood, NMAP scan (portsweep) and ARP spoofing attacks. In wireless LAN attacks, I take care of Deauthentication attack, Disassociation attack and Access point (AP) spoofing attack. Signature based tools detect these types of the attacks based on the stored signature and timing threshold. But machine learning tools take several different feature to detect these types of attacks with more accuracy and low false positive rate.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

References

Mitchell, Changhua He John C.: Security Analysis and Improvements for IEEE 802.11 i, In: 12th annual network and distributed system security symposium, NDSS05 (2005).
Google Scholar
Farooq, Taimur, David Llewellyn-Jones, and Madjid M.: MAC Layer DoS Attacks in IEEE 802.11 Networks, In: The 11th Annual Conference on the Convergence of Telecommunications, Networking and Broadcasting, PGNet, Liverpool, UK, (2010).
Google Scholar
Ratnayake, Deepthi N., et al.: An intelligent approach to detect probe request attacks in IEEE 802.11 networks, In: Engineering Applications of Neural Networks, Springer Berlin Heidelberg, pp. 372–381, (2011).
Google Scholar
Bellardo, John, and Stefan S.: 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions, USENIX security, (2003).
Google Scholar
Bernaschi, Massimo, Francesco Ferreri, and Leonardo V.: Access points vulnerabilities to DoS attacks in 802.11 networks, Wireless Networks14.2, pp. 159–169, (2008).
Google Scholar
B. Vani, L.: Framework to Detect and Prevent Medium Access Control Layer Denial of Service Attacks in WLAN, International Journal of Computer Networks and Wireless Communications, ISSN: 2250-3501 Vol .3, No 2, April (2013).
Google Scholar
Agarwal, Mohini, Santosh Biswas, and Sukumar N.: Detection of Deauthentication Denial of Service attack in 802.11 networks, India Conference, INDICON, IEEE, (2013).
Google Scholar
Noman, Haitham Ameen, Shahidan M. Abdullah, and Haydar Imad M.: An Automated Approach to Detect Deauthentication and Disassociation Dos Attacks on Wireless 802.11 Networks, In: International Journal of Computer Science Issues, IJCSI 12.4 pp. 107 (2015).
Google Scholar
Arockiam, L., and B. Vani: A Survey of Denial of Service Attacks and its Counter measures on Wireless Network, International Journal on Computer Science and Engineering Vol. 02, No. 05, pp. 1563–1571 (2011).
Google Scholar
Yusuf B.: LAYER 2 ATTACKS & MITIGATION TECHNIQUES. http://www.sanog.org/resources/sanog7/yusuf-L2-attack-mitigation.pdf (2005).
OConnor, T. J.: Detecting and responding to data link layer attacks, SANS Institute InfoSec Reading Room, Oct 13 (2010).
Google Scholar
Tao, Kai, Jing Li, and Srinivas S.: Wise guard-MAC address spoofing detection system for wireless LANs, Second International Conference on Security and Cryptography, Barcelona, Spain, pp. 140–147 (2007).
Google Scholar
Korck, Michal, Jaroslav Lmer, and Frantisek J.: Intrusion Prevention/Intrusion Detection System (IPS/IDS) For Wifi Networks, International Journal of Computer Networks and Communications 6.4, pp. 77, (2014).
Google Scholar
Nevlud, Pavel, et al.: Anomaly-based Network Intrusion Detection Methods, Advances in Electrical and Electronic Engineering 11.6, pp. 468, (2013).
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Information Technology, Indira Gandhi Delhi Technical University for Women, Delhi, 110006, India
Jaspreet Kaur

Authors

Jaspreet Kaur
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jaspreet Kaur .

Editor information

Editors and Affiliations

University of Murcia, Murcia, Spain
Gregorio Martinez Perez
Department of Computer Science and Engineering, Motilal Nehru National Institute of Technology Allahabad, Allahabad, Uttar Pradesh, India
Krishn K. Mishra
Department of Computer Science and Engineering, ABES Engineering College, Ghaziabad, Uttar Pradesh, India
Shailesh Tiwari
Department of Computer Science and Engineering, ABES Engineering College, Ghaziabad, Uttar Pradesh, India
Munesh C. Trivedi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kaur, J. (2018). Wired LAN and Wireless LAN Attack Detection Using Signature Based and Machine Learning Tools. In: Perez, G., Mishra, K., Tiwari, S., Trivedi, M. (eds) Networking Communication and Data Knowledge Engineering. Lecture Notes on Data Engineering and Communications Technologies, vol 3. Springer, Singapore. https://doi.org/10.1007/978-981-10-4585-1_2

Download citation

DOI: https://doi.org/10.1007/978-981-10-4585-1_2
Published: 14 November 2017
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-4584-4
Online ISBN: 978-981-10-4585-1
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics