Attack Detection for Wireless Enterprise Network: a Machine Learning Approach

An increasing number of enterprises are adopting wireless technology to deploy networks. However, wireless enterprise networks are more vulnerable than wired networks because of the broadcast feature. Thus, illegal attacks such as data theft and information forgery seriously threaten the property and information security of users and enterprises; these phenomena are attracting increasing attention from both academia and industry. Additionally, effectively detecting the attacks in the wireless enterprise networks is one of todays most important and challenging problems, especially in Wi-Fi networks, as attacks become increasingly covert and diverse. Fortunately, WiFi networks produce large amounts of data, providing copious big data for researchers. In this paper, using the Aegean Wi-Fi Intrusion Dataset (AWID), which is derived from the real-world Wi-Fi network, we introduce machine learning to detect network attacks. To significantly increase the training and convergence speeds, we deploy two-dimensional data cleaning and select 18 useful attributes from the original set of 154. Then, we introduce support vector machine (SVM) to detect attacks based on the cleaned dataset. The detection accuracy for flooding attacks, injection attacks, and normal data reached 89.18%, 87.34%, and 99.88% respectively. To the best of our knowledge, this is the first study to introduce a two-dimensional data cleaning method with an SVM to improve the detection accuracy for attacks. Finally, our detection results are comparable with the existing studies; however, our method operates with simpler data attributes with faster and more efficient training speed.