Menore, Tekeba (Mr.)Temesgen, Mihiretu2021-02-232023-11-042021-02-232023-11-042018-04-23http://etd.aau.edu.et/handle/123456789/25204In computer security, Intrusion detection Systems (IDS) are mechanism of detecting an intruder in the system and notifying malicious activities to system administrator. Most of IDS researches are on wired Local Area network (LAN) using KDD dataset. But the wireless IDS needs its own research using dataset from wireless LAN. Since most of the security vulnerability features of wireless LAN is due of its nature and they are di er- ent from wired LAN, wireless IDS needs to be studied independently from that of wired LAN. The IDS researches on wireless LAN started recently. Until now there are some research works like publishing Aegean Wi-Fi Intrusion Dataset (AWID) dataset publicly for the research community and evaluating the dataset using di erent machine learning algorithms. But when we see the results from the previous research works, especially in the case on Flooding and Impersonation attacks, it is clear that wireless IDS is not well researched and it needs further study for performance improvements. The AWID dataset contains di erent data types which are numeric, string, and hexadec- imals. So before training the system and evaluation of its performance, the dataset is preprocessed and nally 102 attributes are used for system training and evaluation. Also two stage feature selection is implemented to reduce the training cost and improve the system performance by selecting the minimum number of most discriminant features. The rst stage is removing duplicated attributes, which reduce the number of attributes in the dataset to 68. The second stage is done by applying Information Gain Ratio (IGR). Using three thresholds three dataset are prepared namely 41 attribute dataset, 34 attribute dataset, and 25 attribute dataset to experiment the relation between number of attributes in the dataset and the resulting system performance. The main classi cation system is implemented using Deep Belief Networks (DBN). Two stage training strategy is used to train DBN for classi cation. The rst stage is unsupervised pre-training using Re- stricted Boltzmann Machine (RBM) and the second stage is supervised ne tuning of the pretrained DBN parameters using Back Propagation Neural Network (BPNN) algorithm. Finally after designing and implementing the system, a number of experiments have been done to evaluate the system performance using di erent performance metrics. The sys- tem was able to achieve 98.55% classi cation accuracy with 102 attributes and it was able to improve this result to 98.97% with selected 34 attribute dataset evaluation. But the classi cation accuracy decrease to 98.74% while the numbers of attributes decrease to 25. This shows that there is a limit in reducing the number of attributes and from the experiments it is found that the minimum number of the most discriminative at- tribute list that was able to reach the maximum performance in the proposed system is 34 attributes. The system has been tested also using 10-fold cross validation and its classi cation accuracy was improved to 99.96%.en-USAWID datasetwireless networkintrusion detection systemDeep Belief Networksattribute selectionWireless Local Area Network Intrusion Detection System Using Deep Belief NetworksThesis