With the breakthrough of pervasive advanced networking infrastructures and paradigms such as 5G and IoT, cybersecurity became an active and crucial field in the last years. Furthermore, machine learning techniques are gaining more and more attention as prospective tools for mining of (possibly malicious) packet traces and automatic synthesis of network intrusion detection systems. In this work, we propose a modular ensemble of classifiers for spotting malicious attacks on Wi-Fi networks. Each classifier in the ensemble is tailored to characterize a given attack class and is individually optimized by means of a genetic algorithm with the dual goal of hyper-parameters tuning and retaining only relevant features for a specific attack class. In particular, we investigate three different classification systems: K-Nearest Neighbours, Support Vector Machines and a Supervised Clustering-based Classifier. The comparison amongst the three classifiers regard not only the accuracy on the test set, but also the computational complexity and the running times for training and testing the model. Our approach also considers a false alarm management procedure thanks to a proper reliability measure formulation, ad-hoc tailored for each classifier. The proposed system has been tested on the well-known AWID dataset, showing performances comparable with other state-of-the-art works both in terms of accuracy and knowledge discovery capabilities. Our system is also characterized by a modular design of the classification model, allowing to include new possible attack classes in an efficient way.
Intrusion Detection in Wi-Fi Networks by Modular and Optimized Ensemble of Classifiers: An Extended Analysis / Granato, Giuseppe; Martino, Alessio; Baldini, Luca; Rizzi, Antonello. - In: SN COMPUTER SCIENCE. - ISSN 2662-995X. - 3:4(2022), pp. 1-17. [10.1007/s42979-022-01191-0]
Intrusion Detection in Wi-Fi Networks by Modular and Optimized Ensemble of Classifiers: An Extended Analysis
Giuseppe Granato;Alessio Martino;Luca Baldini;Antonello Rizzi
2022
Abstract
With the breakthrough of pervasive advanced networking infrastructures and paradigms such as 5G and IoT, cybersecurity became an active and crucial field in the last years. Furthermore, machine learning techniques are gaining more and more attention as prospective tools for mining of (possibly malicious) packet traces and automatic synthesis of network intrusion detection systems. In this work, we propose a modular ensemble of classifiers for spotting malicious attacks on Wi-Fi networks. Each classifier in the ensemble is tailored to characterize a given attack class and is individually optimized by means of a genetic algorithm with the dual goal of hyper-parameters tuning and retaining only relevant features for a specific attack class. In particular, we investigate three different classification systems: K-Nearest Neighbours, Support Vector Machines and a Supervised Clustering-based Classifier. The comparison amongst the three classifiers regard not only the accuracy on the test set, but also the computational complexity and the running times for training and testing the model. Our approach also considers a false alarm management procedure thanks to a proper reliability measure formulation, ad-hoc tailored for each classifier. The proposed system has been tested on the well-known AWID dataset, showing performances comparable with other state-of-the-art works both in terms of accuracy and knowledge discovery capabilities. Our system is also characterized by a modular design of the classification model, allowing to include new possible attack classes in an efficient way.| File | Dimensione | Formato | |
|---|---|---|---|
|
Granato_Intrusion_2022.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.64 MB
Formato
Adobe PDF
|
1.64 MB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
