Wireless Local Area Network Intrusion Detection System Using Deep Belief Networks
No Thumbnail Available
Date
2018-04-23
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Addis Ababa University
Abstract
In computer security, Intrusion detection Systems (IDS) are mechanism of detecting an
intruder in the system and notifying malicious activities to system administrator. Most
of IDS researches are on wired Local Area network (LAN) using KDD dataset. But the
wireless IDS needs its own research using dataset from wireless LAN. Since most of the
security vulnerability features of wireless LAN is due of its nature and they are di er-
ent from wired LAN, wireless IDS needs to be studied independently from that of wired
LAN. The IDS researches on wireless LAN started recently. Until now there are some
research works like publishing Aegean Wi-Fi Intrusion Dataset (AWID) dataset publicly
for the research community and evaluating the dataset using di erent machine learning
algorithms. But when we see the results from the previous research works, especially in
the case on Flooding and Impersonation attacks, it is clear that wireless IDS is not well
researched and it needs further study for performance improvements.
The AWID dataset contains di erent data types which are numeric, string, and hexadec-
imals. So before training the system and evaluation of its performance, the dataset is
preprocessed and nally 102 attributes are used for system training and evaluation. Also
two stage feature selection is implemented to reduce the training cost and improve the
system performance by selecting the minimum number of most discriminant features.
The rst stage is removing duplicated attributes, which reduce the number of attributes
in the dataset to 68. The second stage is done by applying Information Gain Ratio
(IGR). Using three thresholds three dataset are prepared namely 41 attribute dataset, 34
attribute dataset, and 25 attribute dataset to experiment the relation between number of
attributes in the dataset and the resulting system performance. The main classi cation
system is implemented using Deep Belief Networks (DBN). Two stage training strategy is used to train DBN for classi cation. The rst stage is unsupervised pre-training using Re-
stricted Boltzmann Machine (RBM) and the second stage is supervised ne tuning of the
pretrained DBN parameters using Back Propagation Neural Network (BPNN) algorithm.
Finally after designing and implementing the system, a number of experiments have been
done to evaluate the system performance using di erent performance metrics. The sys-
tem was able to achieve 98.55% classi cation accuracy with 102 attributes and it was
able to improve this result to 98.97% with selected 34 attribute dataset evaluation. But
the classi cation accuracy decrease to 98.74% while the numbers of attributes decrease
to 25. This shows that there is a limit in reducing the number of attributes and from
the experiments it is found that the minimum number of the most discriminative at-
tribute list that was able to reach the maximum performance in the proposed system
is 34 attributes. The system has been tested also using 10-fold cross validation and its
classi cation accuracy was improved to 99.96%.
Description
Keywords
AWID dataset, wireless network, intrusion detection system, Deep Belief Networks, attribute selection