Selecting the Best Set of Features for Efficient Intrusion Detection in 802.11 Networks

Mouhcine Guennoun

Aboubakr Lbekkouri

Khalil El-Khatib

Types of attacks• De-authentication attack

• Chop-Chop attack

• Fragmentation attack

• Duration attack• frames with NAV(network allocation vector)

Selecting approach• Most of the intrusion detection systems examine only

network layer and higher abstraction layers for extracting and selecting features and ignore the MAC layer header.

• In this approach, we rank the features using an independent measure: the information gain ratio. The k-means classifier’s predictive accuracy is used to reach an optimal set of features that maximize the accuracy of detection of the wireless attacks.

Selecting approach

Selecting approachFeatures of layer 2 in Wi-Fi : Logical Link Control (LLC) and Media Access Control (MAC)

Information gain ratiof ∈ F , F= {All features }

Information gain ratio

Result