Internet of Things (IoT) devices work mainly in wireless mediums, requiring different Intrusion Detection System (IDS) solutions that leverage 802.11 header information for intrusion detection. Wireless-specific traffic features with high information gain are primarily found in data link layers rather than application layers in wired networks. This survey investigates some of the complexities and challenges in deploying wireless IDS in terms of data collection methods, IDS techniques, IDS placement strategies, and traffic data analysis techniques. This paper's main finding highlights the lack of available network traces for training modern machine-learning models against IoT-specific intrusions. Specifically, the Knowledge Discovery in Databases (KDD) Cup dataset is reviewed to highlight the design challenges of wireless intrusion detection based on current data attributes, and several guidelines are proposed to future-proof following traffic capture methods in the wireless network (WN). The paper starts with a review of various intrusion detection techniques, data collection methods and placement methods. The main goal of this paper is to study the design challenges of deploying an intrusion detection system in a wireless environment. Intrusion detection system deployment in a wireless environment is not as straightforward as in the wired network environment due to the architectural complexities. So this paper reviews the traditional wired intrusion detection deployment methods, discusses how these techniques could be adopted into the wireless environment, and highlights the design challenges in the wireless environment. The main wireless environments to look into would be Wireless Sensor Networks (WSN), Mobile Ad Hoc Networks (MANET) and IoT, as these are the future trends and a lot of attacks have been targeted at these networks. So it is very crucial to design an IDS specifically to target wireless networks.
Enhancement in wireless networks has given users the ability to use the Internet without a physical connection to the router. Almost every Internet of Things (IoT) device, such as smartphones, drones, and cameras, uses wireless technology (Infrared, Bluetooth, IrDA, IEEE 802.11, etc.) to establish multiple interdevice connections simultaneously. With the flexibility of the wireless network, one can set up numerous ad hoc networks on demand, connecting hundreds to thousands of users, increasing productivity and profitability significantly. However, the number of network attacks in wireless networks that exploit such flexibilities in setting up and tearing down networks has become very alarming. Perpetrators can launch attacks since there is no first line of defense in an ad hoc network setup besides the standard IEEE 802.11 WPA2 authentication. One feasible countermeasure is to deploy intrusion detection systems at the edge of these ad hoc networks (Network-based IDS) or at the node level (Host-based IDS). The challenge here is that there is no readily available benchmark data for IoT network traffic. Creating this benchmark data is very tedious as IoT can work on multiple platforms and networks, and crafting and labelling such a dataset is very labor-intensive. This research aims to study the characteristics of existing datasets such as KDD-Cup and NSL-KDD, and their suitability for wireless IDS implementation. We hypothesize that network features are parametrically different depending on the types of network, and that assigning weight dynamically to these features can potentially improve the subsequent threat classifications. This paper analyses packet and flow features for the data packets captured on a wireless network rather than a wired network. Combining domain heuristics and early classification results, the paper identified 19 header fields exclusive to wireless networks that contain high information gain to be used as ML features in Wireless IDS.
Funding: The authors acknowledge Jouf University, Saudi Arabia for its funding support.