Passive intrusion detection in wireless networks by exploiting clustering-based learning

Jie Yang, Yingying Chen, Sachi Desai, Shafik Quoraishee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The large-scale wireless sensing data collected from wireless networks can be used for detecting intruders (e.g., enemies in tactical fields), and further facilitating real-time situation awareness in Army's network-centric warfare applications such as intrusion detection, battlefield protection and emergency evacuation. In this work, we focus on exploiting Received Signal Strength (RSS) obtained from the existing wireless infrastructures for performing intrusion detection when the intruders or objects do not carry any radio devices. This is also known as passive intrusion detection. Passive intrusion detection based on the RSS data is an attractive approach as it reuses the existing wireless environmental data without requiring a specialized infrastructure. We propose a clustering-based learning mechanism for passive intrusion detection in wireless networks. Specifically, our detection scheme utilizes the clustering method to analyze the changes of RSS, caused by intrusions, at multiple devices to diagnose the presence of intrusions collaboratively. Our experimental results using an IEEE 802.15.4 (Zigbee) network in a real office environment show that our clustering-based learning can effectively detect the presence of intrusions.

Original languageEnglish (US)
Title of host publicationWireless Sensing, Localization, and Processing V
DOIs
StatePublished - Dec 1 2010
EventWireless Sensing, Localization, and Processing V - Orlando, FL, United States
Duration: Apr 8 2010Apr 9 2010

Publication series

NameProceedings of SPIE - The International Society for Optical Engineering
Volume7706
ISSN (Print)0277-786X

Other

OtherWireless Sensing, Localization, and Processing V
CountryUnited States
CityOrlando, FL
Period4/8/104/9/10

Fingerprint

Intrusion detection
Intrusion Detection
learning
Wireless Networks
Wireless networks
Received Signal Strength
Clustering
intrusion
Infrastructure
warfare
IEEE 802.15.4
ZigBee
Situation Awareness
Zigbee
Evacuation
reuse
Military operations
emergencies
Clustering Methods
Emergency

All Science Journal Classification (ASJC) codes

  • Electronic, Optical and Magnetic Materials
  • Condensed Matter Physics
  • Computer Science Applications
  • Applied Mathematics
  • Electrical and Electronic Engineering

Keywords

  • Intrusion detection
  • K-means clustering
  • Received signal strength
  • Wireless network

Cite this

Yang, J., Chen, Y., Desai, S., & Quoraishee, S. (2010). Passive intrusion detection in wireless networks by exploiting clustering-based learning. In Wireless Sensing, Localization, and Processing V [770604] (Proceedings of SPIE - The International Society for Optical Engineering; Vol. 7706). https://doi.org/10.1117/12.852676
Yang, Jie ; Chen, Yingying ; Desai, Sachi ; Quoraishee, Shafik. / Passive intrusion detection in wireless networks by exploiting clustering-based learning. Wireless Sensing, Localization, and Processing V. 2010. (Proceedings of SPIE - The International Society for Optical Engineering).
@inproceedings{f22cbd7ad14b4cbca5dcc79203368c6f,
title = "Passive intrusion detection in wireless networks by exploiting clustering-based learning",
abstract = "The large-scale wireless sensing data collected from wireless networks can be used for detecting intruders (e.g., enemies in tactical fields), and further facilitating real-time situation awareness in Army's network-centric warfare applications such as intrusion detection, battlefield protection and emergency evacuation. In this work, we focus on exploiting Received Signal Strength (RSS) obtained from the existing wireless infrastructures for performing intrusion detection when the intruders or objects do not carry any radio devices. This is also known as passive intrusion detection. Passive intrusion detection based on the RSS data is an attractive approach as it reuses the existing wireless environmental data without requiring a specialized infrastructure. We propose a clustering-based learning mechanism for passive intrusion detection in wireless networks. Specifically, our detection scheme utilizes the clustering method to analyze the changes of RSS, caused by intrusions, at multiple devices to diagnose the presence of intrusions collaboratively. Our experimental results using an IEEE 802.15.4 (Zigbee) network in a real office environment show that our clustering-based learning can effectively detect the presence of intrusions.",
keywords = "Intrusion detection, K-means clustering, Received signal strength, Wireless network",
author = "Jie Yang and Yingying Chen and Sachi Desai and Shafik Quoraishee",
year = "2010",
month = "12",
day = "1",
doi = "10.1117/12.852676",
language = "English (US)",
isbn = "9780819481702",
series = "Proceedings of SPIE - The International Society for Optical Engineering",
booktitle = "Wireless Sensing, Localization, and Processing V",

}

Yang, J, Chen, Y, Desai, S & Quoraishee, S 2010, Passive intrusion detection in wireless networks by exploiting clustering-based learning. in Wireless Sensing, Localization, and Processing V., 770604, Proceedings of SPIE - The International Society for Optical Engineering, vol. 7706, Wireless Sensing, Localization, and Processing V, Orlando, FL, United States, 4/8/10. https://doi.org/10.1117/12.852676

Passive intrusion detection in wireless networks by exploiting clustering-based learning. / Yang, Jie; Chen, Yingying; Desai, Sachi; Quoraishee, Shafik.

Wireless Sensing, Localization, and Processing V. 2010. 770604 (Proceedings of SPIE - The International Society for Optical Engineering; Vol. 7706).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Passive intrusion detection in wireless networks by exploiting clustering-based learning

AU - Yang, Jie

AU - Chen, Yingying

AU - Desai, Sachi

AU - Quoraishee, Shafik

PY - 2010/12/1

Y1 - 2010/12/1

N2 - The large-scale wireless sensing data collected from wireless networks can be used for detecting intruders (e.g., enemies in tactical fields), and further facilitating real-time situation awareness in Army's network-centric warfare applications such as intrusion detection, battlefield protection and emergency evacuation. In this work, we focus on exploiting Received Signal Strength (RSS) obtained from the existing wireless infrastructures for performing intrusion detection when the intruders or objects do not carry any radio devices. This is also known as passive intrusion detection. Passive intrusion detection based on the RSS data is an attractive approach as it reuses the existing wireless environmental data without requiring a specialized infrastructure. We propose a clustering-based learning mechanism for passive intrusion detection in wireless networks. Specifically, our detection scheme utilizes the clustering method to analyze the changes of RSS, caused by intrusions, at multiple devices to diagnose the presence of intrusions collaboratively. Our experimental results using an IEEE 802.15.4 (Zigbee) network in a real office environment show that our clustering-based learning can effectively detect the presence of intrusions.

AB - The large-scale wireless sensing data collected from wireless networks can be used for detecting intruders (e.g., enemies in tactical fields), and further facilitating real-time situation awareness in Army's network-centric warfare applications such as intrusion detection, battlefield protection and emergency evacuation. In this work, we focus on exploiting Received Signal Strength (RSS) obtained from the existing wireless infrastructures for performing intrusion detection when the intruders or objects do not carry any radio devices. This is also known as passive intrusion detection. Passive intrusion detection based on the RSS data is an attractive approach as it reuses the existing wireless environmental data without requiring a specialized infrastructure. We propose a clustering-based learning mechanism for passive intrusion detection in wireless networks. Specifically, our detection scheme utilizes the clustering method to analyze the changes of RSS, caused by intrusions, at multiple devices to diagnose the presence of intrusions collaboratively. Our experimental results using an IEEE 802.15.4 (Zigbee) network in a real office environment show that our clustering-based learning can effectively detect the presence of intrusions.

KW - Intrusion detection

KW - K-means clustering

KW - Received signal strength

KW - Wireless network

UR - http://www.scopus.com/inward/record.url?scp=79958172258&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79958172258&partnerID=8YFLogxK

U2 - 10.1117/12.852676

DO - 10.1117/12.852676

M3 - Conference contribution

AN - SCOPUS:79958172258

SN - 9780819481702

T3 - Proceedings of SPIE - The International Society for Optical Engineering

BT - Wireless Sensing, Localization, and Processing V

ER -

Yang J, Chen Y, Desai S, Quoraishee S. Passive intrusion detection in wireless networks by exploiting clustering-based learning. In Wireless Sensing, Localization, and Processing V. 2010. 770604. (Proceedings of SPIE - The International Society for Optical Engineering). https://doi.org/10.1117/12.852676