Wireless Autonomic-Protection Systems (WAPS)

Overview

As technology has advanced, networking has become a necessity, and most of it is shifting to wireless. This ubiquitous, day-to-day use of wireless networking has created a need to protect wireless networks from various network-based attacks. Current attack detection techniques rely on signatures to identify attacks, but they are unable to detect modified and new network attacks. In addition, the signature database has to be repeatedly updated from a central server to ensure effective attack detection. Our objective is to build a state-of-the-art, anomaly-based Wireless Autonomous Protection System (WAPS) to protect wireless networks against known and unknown threats.

WAPS monitors wireless networks, extracts the network features, tracks wireless-network state machine violations (Behavioral Analysis Engine), generates wireless network flows (WNetFlow) for multiple time windows, and uses dynamically updated rules to detect complex known and unknown wireless attacks. The Prediction Engine combines the results of WNetFlow with the output of the Behavioral Analysis Engine to achieve a low false-positive rate. When a threat is detected, the appropriate proactive action is taken to block the intruder.


  

In the Protocol Behavior Analysis Engine, we consider the frequency of a sequence of protocol transitions over a period of time. During the training phase, state transitions are represented as n-gram patterns and then stored in a counting Bloom filter. During the testing phase, the frequency of any N consecutive transitions of the protocol is computed over the observation window and compared with the frequency of similar normal transitions that are stored in the database. The difference between these two values specifies the anomaly degree for that n-gram pattern.
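
The training and testing phases described above, as an added Python example that is not the WAPS project's code. The filter size, the hash construction, the trigram length, the normalization of counts to frequencies by the total n-gram count, and the frame-type sequences are all assumptions made for illustration.

```python
import hashlib
from collections import Counter

class CountingBloomFilter:
    """k hashed counters per item; the estimate is the smallest of them."""
    def __init__(self, size=4096, hashes=4):
        self.size, self.hashes = size, hashes
        self.counters = [0] * size

    def _slots(self, item):
        # One salted BLAKE2b digest per hash function (assumed construction).
        for i in range(self.hashes):
            d = hashlib.blake2b(item.encode(), digest_size=8, salt=bytes([i])).digest()
            yield int.from_bytes(d, "big") % self.size

    def add(self, item):
        for s in self._slots(item):
            self.counters[s] += 1

    def estimate(self, item):
        # Collisions can inflate a count but never lower it.
        return min(self.counters[s] for s in self._slots(item))

def ngrams(transitions, n):
    return ["|".join(transitions[i:i + n]) for i in range(len(transitions) - n + 1)]

def train(windows, n, cbf):
    """Training phase: count every n-gram of normal traffic; return the total."""
    total = 0
    for window in windows:
        for gram in ngrams(window, n):
            cbf.add(gram)
            total += 1
    return total

def anomaly_degrees(window, n, cbf, total):
    """Testing phase: |observed frequency - trained frequency| per n-gram."""
    observed = Counter(ngrams(window, n))
    seen = sum(observed.values())
    return {g: abs(c / seen - cbf.estimate(g) / total) for g, c in observed.items()}

# Constructed sample data (not captured traffic): 802.11 frame-type transitions.
NORMAL = ["probe_req", "probe_resp", "auth_req", "auth_resp",
          "assoc_req", "assoc_resp", "data", "data", "disassoc"]
SUSPECT = ["data", "deauth", "deauth", "deauth", "deauth"]

if __name__ == "__main__":
    cbf = CountingBloomFilter()
    total = train([NORMAL] * 20, 3, cbf)
    for name, window in (("normal", NORMAL), ("suspect", SUSPECT)):
        print(name, max(anomaly_degrees(window, 3, cbf, total).values()))
```

Only n-grams present in the observation window are scored here; a detector that also cares about expected transitions that are missing would need to iterate over the trained patterns as well.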


People


Pratik Satam
website: http://acl.ece.arizona.edu/

Research Areas and Interests:

 

Youssif Al-Nashif
website: http://www.ece.arizona.edu/~alnashif

Research Areas and Interests: Network Security, Autonomic Computing & Management, Autonomic Fault Management, Data Mining, AI, Distributed Computing, High Performance Computing, Grid Computing, Scientific Visualization, Simulation and Modeling.


Former Students


Hamid Alipour
website: http://ece.arizona.edu/~hra
Affiliation: Microsoft

Research Areas and Interests: Networks and Distributed Systems, Network Security, Data Mining, Autonomic Computing

 

Publications

Alipour, H.; Al-Nashif, Y.B.; Hariri, S., "IEEE 802.11 anomaly-based behavior analysis," 2013 International Conference on Computing, Networking and Communications (ICNC), pp. 369-373, 28-31 Jan. 2013.

Phone Number: (520) 621-9915 Room 251, ECE Dept. 1230 E. Speedway Tucson, AZ 85721-0104
ACL - Copyright 2007, Webmaster: Youssif Al-Nashif
All Rights Reserved