Machine learning approach for detection of flooding DoS attacks in 802.11 networks and attacker localization

Mayank Agarwal, Dileep Pasumarthi, Santosh Biswas, Sukumar Nandi

Research output: Contribution to journalArticlepeer-review

32 Scopus citations


IEEE 802.11 Wi-Fi networks are prone to a large number of Denial of Service (DoS) attacks due to vulnerabilities at the media access control (MAC) layer of 802.11 protocol. In this work, we focus on the flooding DoS attacks in Wi-Fi networks. In flooding DoS attacks, a large number of legitimate looking spoofed requests are transmitted to a victim access point (AP). The processing of large number of spoofed frames results in a huge load at the AP, resulting in a flooding DoS attack. Current methods to detect the flooding DoS use encryption, signal characteristics, protocol modification, upgradation to newer standards etc. which are often expensive to operate and maintain. In this paper, we propose a novel Machine Learning (ML) based intrusion detection system along with intrusion prevention system (IPS) that not only detects the flooding DoS attacks in Wi-Fi networks, but also helps the victim station (STA) in recovering swiftly from the attack. To the best of our knowledge, the usage of ML based techniques for detection of flooding DoS attacks in 802.11 networks has largely been unexplored. The ML based IDS detects the flooding DoS attacks with a high accuracy (precision) and detection rate (recall). After the attack is detected, the location of the attacker is ascertained using Angle of Arrival based localization algorithm and traffic coming from the attacker region is blocked which helps in mitigating the effect of flooding DoS attack.

Original languageEnglish
Pages (from-to)1035-1051
Number of pages17
JournalInternational Journal of Machine Learning and Cybernetics
Issue number6
StatePublished - 1 Dec 2016
Externally publishedYes


  • 802.11
  • Flooding DoS attacks
  • Intrusion detection system
  • Localization
  • Machine learning
  • Sniffer
  • Wi-Fi networks

ASJC Scopus subject areas

  • Software
  • Computer Vision and Pattern Recognition
  • Artificial Intelligence


Dive into the research topics of 'Machine learning approach for detection of flooding DoS attacks in 802.11 networks and attacker localization'. Together they form a unique fingerprint.

Cite this