RIDS: Real-time Intrusion Detection System for WPA3 enabled Enterprise Networks
Rahul Saini, Debajyoti Halder, Anand M. Baswade
Abstract
With the advent of new IEEE 802.11ax (WiFi 6) devices, enabling security is a priority. Since previous versions were found to have security vulnerabilities, the WiFi Protected Access 3 (WPA3) was introduced to fix the most common security flaws. Although WPA3 is an improvement over its predecessor in terms of security, recently, it was found that WPA3 has a few security vulnerabilities as well. In this paper, we have mentioned the previously known vulnerabilities in WPA3 and WPA2. In addition, we have created our dataset based on WPA3 attacks. We have proposed a two-stage solution for detecting an intrusion in the network. The two-stage approach will help ease the computational processing burden of an AP and WLAN Controller. First, Access Point (AP) will perform a lightweight, simple operation for some duration (say 500ms) at a particular time interval. Upon discovering any abnormality in the flow of traffic, an ML-based solution at the controller will detect the type of attack. Our approach is to utilize resources on AP and the back-end controller with a certain optimization level. We have achieved over 99% accuracy in attack detection using a Machine Learning (ML) based solution. We have also publicly provided our code and dataset for the open-source research community so that it can contribute to future research work.