A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection
- Autores
- Zhou, Wenzhe; Marshall, Alan; Gu, Qiang
- Año de publicación
- 2006
- Idioma
- inglés
- Tipo de recurso
- documento de conferencia
- Estado
- versión publicada
- Descripción
- This paper introduces a novel Management Traffic Clustering Algorithm (MTCA) based on a sliding window methodology for intrusion detection in 802.11 networks Active attacks and other network events such as scanning, joining and leaving in 802.11 WLANs can be observed by clustering the management frames in the MAC Layer. The new algorithm is based on a sliding window and measures the similarity of management frames within a certain period by calculating their variance. Through filtering out certain management frames, clusters are recognized from the discrete distribution of the variance of the management traffic load. Two parameters determine the accuracy and robustness of the algorithm: the Sample Interval and the Window Size of the sliding window. Extensive tests and comparisons between different sets of Sample Intervals and Window Sizes have been carried out. From analysis of the results, recommendations on what are the most appropriate values for these two parameters in various scenarios are presented.
5th IFIP International Conference on Network Control & Engineering for QoS, Security and Mobility
Red de Universidades con Carreras en Informática (RedUNCI) - Materia
-
Ciencias Informáticas
Algorithms
Security - Nivel de accesibilidad
- acceso abierto
- Condiciones de uso
- http://creativecommons.org/licenses/by-nc-sa/2.5/ar/
- Repositorio
.jpg)
- Institución
- Universidad Nacional de La Plata
- OAI Identificador
- oai:sedici.unlp.edu.ar:10915/24100
Ver los metadatos del registro completo
| id |
SEDICI_a1ad14272f4b3d08358d37db6f33e50e |
|---|---|
| oai_identifier_str |
oai:sedici.unlp.edu.ar:10915/24100 |
| network_acronym_str |
SEDICI |
| repository_id_str |
1329 |
| network_name_str |
SEDICI (UNLP) |
| spelling |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detectionZhou, WenzheMarshall, AlanGu, QiangCiencias InformáticasAlgorithmsSecurityThis paper introduces a novel Management Traffic Clustering Algorithm (MTCA) based on a sliding window methodology for intrusion detection in 802.11 networks Active attacks and other network events such as scanning, joining and leaving in 802.11 WLANs can be observed by clustering the management frames in the MAC Layer. The new algorithm is based on a sliding window and measures the similarity of management frames within a certain period by calculating their variance. Through filtering out certain management frames, clusters are recognized from the discrete distribution of the variance of the management traffic load. Two parameters determine the accuracy and robustness of the algorithm: the Sample Interval and the Window Size of the sliding window. Extensive tests and comparisons between different sets of Sample Intervals and Window Sizes have been carried out. From analysis of the results, recommendations on what are the most appropriate values for these two parameters in various scenarios are presented.5th IFIP International Conference on Network Control & Engineering for QoS, Security and MobilityRed de Universidades con Carreras en Informática (RedUNCI)2006-08info:eu-repo/semantics/conferenceObjectinfo:eu-repo/semantics/publishedVersionObjeto de conferenciahttp://purl.org/coar/resource_type/c_5794info:ar-repo/semantics/documentoDeConferenciaapplication/pdfhttp://sedici.unlp.edu.ar/handle/10915/24100enginfo:eu-repo/semantics/altIdentifier/isbn/0-387-34825-5info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nc-sa/2.5/ar/Creative Commons Attribution-NonCommercial-ShareAlike 2.5 Argentina (CC BY-NC-SA 2.5)reponame:SEDICI (UNLP)instname:Universidad Nacional de La Platainstacron:UNLP2025-10-29T15:01:26Zoai:sedici.unlp.edu.ar:10915/24100Institucionalhttp://sedici.unlp.edu.ar/Universidad públicaNo correspondehttp://sedici.unlp.edu.ar/oai/snrdalira@sedici.unlp.edu.arArgentinaNo correspondeNo correspondeNo correspondeopendoar:13292025-10-29 15:01:26.559SEDICI (UNLP) - Universidad Nacional de La Platafalse |
| dc.title.none.fl_str_mv |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| title |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| spellingShingle |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection Zhou, Wenzhe Ciencias Informáticas Algorithms Security |
| title_short |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| title_full |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| title_fullStr |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| title_full_unstemmed |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| title_sort |
A sliding window based management traffic clustering algorithm for 802.11 WLAN intrusion detection |
| dc.creator.none.fl_str_mv |
Zhou, Wenzhe Marshall, Alan Gu, Qiang |
| author |
Zhou, Wenzhe |
| author_facet |
Zhou, Wenzhe Marshall, Alan Gu, Qiang |
| author_role |
author |
| author2 |
Marshall, Alan Gu, Qiang |
| author2_role |
author author |
| dc.subject.none.fl_str_mv |
Ciencias Informáticas Algorithms Security |
| topic |
Ciencias Informáticas Algorithms Security |
| dc.description.none.fl_txt_mv |
This paper introduces a novel Management Traffic Clustering Algorithm (MTCA) based on a sliding window methodology for intrusion detection in 802.11 networks Active attacks and other network events such as scanning, joining and leaving in 802.11 WLANs can be observed by clustering the management frames in the MAC Layer. The new algorithm is based on a sliding window and measures the similarity of management frames within a certain period by calculating their variance. Through filtering out certain management frames, clusters are recognized from the discrete distribution of the variance of the management traffic load. Two parameters determine the accuracy and robustness of the algorithm: the Sample Interval and the Window Size of the sliding window. Extensive tests and comparisons between different sets of Sample Intervals and Window Sizes have been carried out. From analysis of the results, recommendations on what are the most appropriate values for these two parameters in various scenarios are presented. 5th IFIP International Conference on Network Control & Engineering for QoS, Security and Mobility Red de Universidades con Carreras en Informática (RedUNCI) |
| description |
This paper introduces a novel Management Traffic Clustering Algorithm (MTCA) based on a sliding window methodology for intrusion detection in 802.11 networks Active attacks and other network events such as scanning, joining and leaving in 802.11 WLANs can be observed by clustering the management frames in the MAC Layer. The new algorithm is based on a sliding window and measures the similarity of management frames within a certain period by calculating their variance. Through filtering out certain management frames, clusters are recognized from the discrete distribution of the variance of the management traffic load. Two parameters determine the accuracy and robustness of the algorithm: the Sample Interval and the Window Size of the sliding window. Extensive tests and comparisons between different sets of Sample Intervals and Window Sizes have been carried out. From analysis of the results, recommendations on what are the most appropriate values for these two parameters in various scenarios are presented. |
| publishDate |
2006 |
| dc.date.none.fl_str_mv |
2006-08 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/conferenceObject info:eu-repo/semantics/publishedVersion Objeto de conferencia http://purl.org/coar/resource_type/c_5794 info:ar-repo/semantics/documentoDeConferencia |
| format |
conferenceObject |
| status_str |
publishedVersion |
| dc.identifier.none.fl_str_mv |
http://sedici.unlp.edu.ar/handle/10915/24100 |
| url |
http://sedici.unlp.edu.ar/handle/10915/24100 |
| dc.language.none.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
info:eu-repo/semantics/altIdentifier/isbn/0-387-34825-5 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-sa/2.5/ar/ Creative Commons Attribution-NonCommercial-ShareAlike 2.5 Argentina (CC BY-NC-SA 2.5) |
| eu_rights_str_mv |
openAccess |
| rights_invalid_str_mv |
http://creativecommons.org/licenses/by-nc-sa/2.5/ar/ Creative Commons Attribution-NonCommercial-ShareAlike 2.5 Argentina (CC BY-NC-SA 2.5) |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.source.none.fl_str_mv |
reponame:SEDICI (UNLP) instname:Universidad Nacional de La Plata instacron:UNLP |
| reponame_str |
SEDICI (UNLP) |
| collection |
SEDICI (UNLP) |
| instname_str |
Universidad Nacional de La Plata |
| instacron_str |
UNLP |
| institution |
UNLP |
| repository.name.fl_str_mv |
SEDICI (UNLP) - Universidad Nacional de La Plata |
| repository.mail.fl_str_mv |
alira@sedici.unlp.edu.ar |
| _version_ |
1847427804906389504 |
| score |
13.10058 |