Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods

İmran Kaçan; Batuhan Gül; Fatih Ertam

doi:10.35377/saucis...1462721

EN

Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods

Abstract

As technology advances, the frequency of attacks targeting technological devices has surged. This rise in cyber threats poses a constant risk to the devices we rely on. Any device connected to a network becomes vulnerable to exploitation by attackers. Given the extensive interconnectedness of devices in network environments, this research endeavors to address this pressing issue. The aim of this study is to analyze and classify network traffic generated during potential cyber attacks using various classification algorithms. By subjecting a simulated environment to different cyber attack scenarios, we extract the distinctive features of network packets generated during these attacks. Subsequently, we employ widely used classification algorithms to train and analyze the obtained data. For the comparison of models, more than 7000 attack data instances were employed. At the conclusion of the comparison, the Gradient Boosting algorithm achieved the highest accuracy value, reaching 91%, whereas the Naive Bayes algorithm obtained the lowest accuracy, reaching 74%.

Keywords

Supporting Institution

Fırat University

Project Number

Our study is supported by Fırat University Scientific Research Projects Coordination Unit with project number TEKF.23.12.

Thanks

We would like to thank Fırat University.

References

A. N. Ozalp, Z. Albayrak, and A. Zengin, “Expansion of Wireless Networks using IEEE 802.3af Protocol in Protected Areas,” in 5th International Symposium on Innovative Technologies in Engineering and Science, 2017.
M. Wazid, A. K. Das, V. Chamola, and Y. Park, “Uniting cyber security and machine learning: Advantages, challenges and future research,” 2022. doi: 10.1016/j.icte.2022.04.007.
S. GÖNEN, H. İ. ULUS, and E. N. YILMAZ, “Bilişim Alanında İşlenen Suçlar Ve Kişisel Verilerin Korunması,” Bilişim Teknol. Derg., vol. 9, no. 3, Sep. 2016, doi: 10.17671/btd.90710.
E. AKBAL, Ş. DOĞAN, T. TUNCER, and N. S. ATALAY, “Adli Bilişim Alanında Ağ Analizi,” Bitlis Eren Üniversitesi Fen Bilim. Derg., vol. 8, no. 2, pp. 582–594, 2019, doi: 10.17798/bitlisfen.479303.
K. A. Dhanya, S. Vajipayajula, K. Srinivasan, A. Tibrewal, T. S. Kumar, and T. G. Kumar, “Detection of Network Attacks using Machine Learning and Deep Learning Models,” Procedia Comput. Sci., vol. 218, pp. 57–66, 2023, doi: 10.1016/j.procs.2022.12.401.
R. Ahmad, R. Wazirali, and T. Abu-Ain, “Machine Learning for Wireless Sensor Networks Security: An Overview of Challenges and Issues,” 2022. doi: 10.3390/s22134730.
A. Mughaid et al., “Improved dropping attacks detecting system in 5g networks using machine learning and deep learning approaches,” Multimed. Tools Appl., vol. 82, no. 9, pp. 13973–13995, Apr. 2023, doi: 10.1007/s11042-022-13914-9.
M. Waqas, S. Tu, Z. Halim, S. U. Rehman, G. Abbas, and Z. H. Abbas, “The role of artificial intelligence and machine learning in wireless networks security: principle, practice and challenges,” Artif. Intell. Rev., vol. 55, no. 7, pp. 5215–5261, Oct. 2022, doi: 10.1007/s10462-022-10143-2.

D. M. Gezgin and E. Buluş, “Kablosuz Erişim Noktalarına Yapılan DoS Saldırıları,” pp. 83–89, 2008.
A. N. Kadhim and S. B. Sadkhan, “Security Threats in Wireless Network Communication-Status, Challenges, and Future Trends,” in 2021 International Conference on Advanced Computer Applications (ACA), IEEE, Jul. 2021, pp. 176–181. doi: 10.1109/ACA52198.2021.9626810.
D. Cossa, “The Dangers of Deauthentication Attacks in an Increasingly Wireless World,” Iowa State Univ., vol. 537, 2014.
R. Cheema, D. Bansal, and S. Sofat, “Deauthentication/Disassociation Attack: Implementation and Security in Wireless Mesh Networks,” Int. J. Comput. Appl., vol. 23, no. 7, pp. 7–15, 2011, doi: 10.5120/2901-3801.
W. Liu, “Research on DoS attack and detection programming,” in 3rd International Symposium on Intelligent Information Technology Application, IITA 2009, 2009. doi: 10.1109/IITA.2009.165.
A. N. Ozalp, Z. Albayrak, M. Cakmak, and E. Ozdogan, “Layer-based examination of cyber-attacks in IoT,” in HORA 2022 - 4th International Congress on Human-Computer Interaction, Optimization and Robotic Applications, Proceedings, 2022. doi: 10.1109/HORA55278.2022.9800047.
D. Mertkan Gezgin and E. Buluş, “KABLOSUZ AĞLARIN GÜVENLİK AÇIKLARININ EĞİTİM AMAÇLI İNCELENMESİ İÇİN UYGULAMA TASARIMI,” Cilt, vol. 2, no. 1, pp. 127–135, 2012.
H. (Harshita) Harshita, “Detection and Prevention of ICMP Flood DDOS Attack,” Int. J. New Technol. Res., vol. 3, no. 3, p. 263333, 2017, [Online]. Available: https://www.neliti.com/publications/263333/
Z.-Y. Shen, M.-W. Su, Y.-Z. Cai, and M.-H. Tasi, “Mitigating SYN Flooding and UDP Flooding in P4-based SDN,” in 2021 22nd Asia-Pacific Network Operations and Management Symposium (APNOMS), IEEE, Sep. 2021, pp. 374–377. doi: 10.23919/APNOMS52696.2021.9562660.
M. Thankappan, H. Rifà-Pous, and C. Garrigues, “Multi-Channel Man-in-the-Middle attacks against protected Wi-Fi networks: A state of the art review,” Expert Syst. Appl., vol. 210, p. 118401, Dec. 2022, doi: 10.1016/j.eswa.2022.118401.
B. L. Aylak, O. Oral, and K. Yazici, “Using artificial intelligence and machine learning applications in logistics,” 2021. doi: 10.31202/ecjse.776314.
A. N. Özalp and Z. Albayrak, “Detecting Cyber Attacks with High-Frequency Features using Machine Learning Algorithms,” Acta Polytech. Hungarica, 2022, doi: 10.12700/APH.19.7.2022.7.12.
A. Robles-Velasco, P. Cortés, J. Muñuzuri, and L. Onieva, “Prediction of pipe failures in water supply networks using logistic regression and support vector classification,” Reliab. Eng. Syst. Saf., vol. 196, p. 106754, Apr. 2020, doi: 10.1016/j.ress.2019.106754.
V. J. Pandya, “Comparing Handwritten Character Recognition by AdaBoostClassifier and KNeighborsClassifier,” in 2016 8th International Conference on Computational Intelligence and Communication Networks (CICN), IEEE, Dec. 2016, pp. 271–274. doi: 10.1109/CICN.2016.59.
M. Grandini, E. Bagli, and G. Visani, “Metrics for Multi-Class Classification: an Overview,” pp. 1–17, 2020, [Online]. Available: http://arxiv.org/abs/2008.05756
A. H. Lashkari, G. D. Gil, M. S. I. Mamun, and A. A. Ghorbani, “Characterization of tor traffic using time based features,” in ICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy, 2017, pp. 253–262. doi: 10.5220/0006105602530262.
S. Ganapathy, K. Kulothungan, S. Muthurajkumar, M. Vijayalakshmi, L. Yogesh, and A. Kannan, “Intelligent feature selection and classification techniques for intrusion detection in networks: A survey,” Eurasip J. Wirel. Commun. Netw., 2013, doi: 10.1186/1687-1499-2013-271.
C. Kolias, G. Kambourakis, and M. Maragoudakis, “Swarm intelligence in intrusion detection: A survey,” Comput. Secur., 2011, doi: 10.1016/j.cose.2011.08.009.
O. Atilla and E. Hamit, “A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015,” PeerJ, 2016.
R. Bala, “A REVIEW ON KDD CUP99 AND NSL-KDD DATASET,” Int. J. Adv. Res. Comput. Sci., 2019, doi: 10.26483/ijarcs.v10i2.6395.
M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,” in IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009, 2009. doi: 10.1109/CISDA.2009.5356528.
Y. Hamid, V. R. Balasaraswathi, L. Journaux, and M. Sugumaran, “Benchmark Datasets for Network Intrusion Detection: A Review,” Int. J. Netw. Secur., 2018.
N. Moustafa and J. Slay, “UNSW-NB15: A comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),” in 2015 Military Communications and Information Systems Conference, MilCIS 2015 - Proceedings, 2015. doi: 10.1109/MilCIS.2015.7348942.
N. Moustafa and J. Slay, “The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set,” Inf. Secur. J., 2016, doi: 10.1080/19393555.2015.1125974.

Details

Primary Language

English

Subjects

Software Engineering (Other)

Journal Section

Research Article

Authors

İmran Kaçan
0000-0003-3912-0248
Türkiye

Batuhan Gül ^*
0009-0007-1772-5373
Türkiye

Fatih Ertam
0000-0002-9736-8068
Türkiye

Early Pub Date

August 23, 2024

Publication Date

August 31, 2024

Submission Date

April 1, 2024

Acceptance Date

June 4, 2024

Published in Issue

Year 2024 Volume: 7 Number: 2

DOI

https://doi.org/10.35377/saucis...1462721

IZ

https://izlik.org/JA27PS33HC

Cite

RIS / Bibtex

APA

Kaçan, İ., Gül, B., & Ertam, F. (2024). Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods. Sakarya University Journal of Computer and Information Sciences, 7(2), 203-216. https://doi.org/10.35377/saucis...1462721

AMA

1.Kaçan İ, Gül B, Ertam F. Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods. SAUCIS. 2024;7(2):203-216. doi:10.35377/saucis.1462721

Chicago

Kaçan, İmran, Batuhan Gül, and Fatih Ertam. 2024. “Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods”. Sakarya University Journal of Computer and Information Sciences 7 (2): 203-16. https://doi.org/10.35377/saucis. 1462721.

EndNote

Kaçan İ, Gül B, Ertam F (August 1, 2024) Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods. Sakarya University Journal of Computer and Information Sciences 7 2 203–216.

IEEE

[1]İ. Kaçan, B. Gül, and F. Ertam, “Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods”, SAUCIS, vol. 7, no. 2, pp. 203–216, Aug. 2024, doi: 10.35377/saucis...1462721.

ISNAD

Kaçan, İmran - Gül, Batuhan - Ertam, Fatih. “Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods”. Sakarya University Journal of Computer and Information Sciences 7/2 (August 1, 2024): 203-216. https://doi.org/10.35377/saucis. 1462721.

JAMA

1.Kaçan İ, Gül B, Ertam F. Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods. SAUCIS. 2024;7:203–216.

MLA

Kaçan, İmran, et al. “Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods”. Sakarya University Journal of Computer and Information Sciences, vol. 7, no. 2, Aug. 2024, pp. 203-16, doi:10.35377/saucis. 1462721.

Vancouver

1.İmran Kaçan, Batuhan Gül, Fatih Ertam. Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods. SAUCIS. 2024 Aug. 1;7(2):203-16. doi:10.35377/saucis. 1462721

Öz

Network Forensics Analysis of Cyber Attacks Carried Out Over Wireless Networks Using Machine Learning Methods

Abstract

Keywords

Supporting Institution

Project Number

Thanks

References

Details

Primary Language

Subjects

Journal Section

Authors

Early Pub Date

Publication Date

Submission Date

Acceptance Date

Published in Issue

DOI

IZ

Cite