On Detecting Wi-Fi Unauthorized Access Utilizing Software Define Network (SDN) and Machine Learning Algorithms

Software Defined Network (SDN) emerged as a new paradigm to tackle issues in computer networks field. In this paradigm, data plane and control plan are separated. A controller is introduced in the network. This controller acts on behalf of network middle boxes. In this work, the implication of anomaly breaches in wireless networks is investigated. The ossified authentication techniques of wireless access points are not sufficient to secure their networks. To this end, hybrid network intrusion detection algorithm (HNID) is proposed based on user behaviors in the network. This algorithm adopts two different machine learning algorithms. The first algorithm utilizes Artificial Neural Network (ANN) model with genetic algorithm (GANN-AD) to detect anomaly behaviors in the network. The second algorithm tailored the unsupervised soft-clustering based on estimation maximization (EM) model(SCAD).HNID adopts these models to train the first model from the output of the second model if anomaly is detected in the second model only. The algorithm works in real time and the models can be trained on the fly. To test the proposed model, HNID has been implemented in Ryu controller. A testbed has been implemented using openflow enabled HP-2920 switch. Our results show that GANN-AD model detected anomaly with 88% and negative detection of 5%. Moreover, SCAD detected anomaly with 80% and produces a probability of 45% anomaly for 35% of traffic. When combining these algorithms in HNID, the accuracy reached 92%.