Wireless Autonomic-Protection Systems (WAPS)


With the advance of the technology, networking has become a necessity with most of the networking shifting to the wireless technology. This ubiquitous use of wireless networking by users in the day to day life has brought about a need to protect the wireless networks from various network based attacks. The current attack detection techniques use signature based techniques to identify the attacks. But these detection techniques are unable to detect modified and new network attacks. Also the signature database has to be repeatedly updated from a central server to ensure effective attack detection Our objective is to build a State of the art anomaly based Wireless Autonomous Protection System (WAPS) to protect the Wireless Networks against known and unknown threats. .

WAPS monitors wireless networks, extract the network features, tracks wireless-network-state machine violations (Behavioral Analysis Engine), generates wireless network flows (WNetFlow) for multiple time windows, and uses the dynamically updated  rules to detect complex known and unknown wireless attacks. The Prediction Engine combines the results of WNetFlow with the output of Behavioral Analysis Engine to achieve to low false positive. In the case of any thread the appropriate proactive action will be done to block the intruder.



In Protocol Behavior Analysis Engine  we consider the frequency of a sequence of protocol transitions over a period of time. During the training phase, state transitions are represented as n-gram patterns, and then stored in a counting bloom filter. During the testing phase the frequency of any N consecutive transitions of the protocol is computed during the observation window and compared with the frequency of similar normal transitions that are stored in the database. The difference between these two values specifies the anomaly degree for that n-gram pattern.