RIDS : Real-time Intrusion Detection System for WPA3 enabled Enterprise Networks

07/06/2022
by Rahul Saini, et al.

With the advent of new IEEE 802.11ax (WiFi 6) devices, enabling security is a priority. WiFi Protected Access 3 (WPA3) was introduced to fix the most common security flaws found in previous versions. Although WPA3 improves on its predecessor in terms of security, it was recently found to have a few security vulnerabilities as well. In this paper, we outline the previously known vulnerabilities in WPA3 and WPA2. In addition, we have created our own dataset based on WPA3 attacks (Section III). We propose a two-stage solution for detecting an intrusion in the network. The two-stage approach eases the computational processing burden on the AP and the WLAN controller. First, the AP performs a simple, lightweight operation for some duration (say 500 ms) at a certain time interval. When it discovers any abnormality in the flow of traffic, an ML-based solution at the controller detects the type of attack. Our approach utilizes resources on the AP as well as the back-end controller, with a certain level of optimization. We have achieved over 99% detection using an ML-based solution. We have also made our code and dataset publicly available to the open-source research community, so that it can contribute to future research work.
