An intelligent approach to detect probe request attacks in IEEE 802.11 networks

Abstract

In Wireless Local Area Networks (WLAN), beacon, probe request and response messages are unprotected, so the information is visible to sniffers. Probe requests can be sent by anyone with a legitimate Media Access Control (MAC) address, as association to the network is not required at this stage. Legitimate MAC addresses can be easily spoofed to bypass Access Point (AP) access lists. Attackers take advantage of these vulnerabilities and send a flood of probe request frames which can lead to a Denial-of-Service (DoS) to legitimate stations. This paper discusses an intelligent approach to recognise probe request attacks in WLANs. The research investigates and analyses WLAN traffic captured on a home wireless network, and uses supervised feedforward neural network with 4 input neurons, 2 hidden layers and an output neuron to determine the results. The computer simulation results demonstrate that this approach improves detection of MAC spoofing and probe request attacks considerably. © 2011 International Federation for Information Processing.