Intrusion detection in wireless networks using clustering techniques with expert analysis

The increasing reliance upon wireless networks has put tremendous´ emphasis on wireless network security. While considerable attention has been given to data mining for intrusion detection in wired networks, limited focus has been devoted to data mining for intrusion detection in wireless networks. This study presents a clustering approach with tracers and expert analysis for intrusion detection in a real-world wireless network. Security vulnerabilities of 802.11 wireless networks are investigated, leading to a summary of network traffic metrics relevant to modeling the security of wireless networks. The proposed approach utilizes a simple distance-based heuristic measure to label clusters as either normal or intrusive. The classification of network traffic instances is further enhanced with the aid of tracers, i.e., a small set of instances with known labels - normal or intrusive. Our study demonstrates the usefulness and promise of the proposed approach, laying the groundwork for a clustering-based framework for intrusion detection in wireless computer networks.