TermID: a distributed swarm intelligence-based approach for wireless intrusion detection

With the mushrooming of wireless access infrastructures, the amount of data generated, transferred and consumed by the users of such networks has taken enormous proportions. This fact further complicates the task of network intrusion detection, especially when advanced machine learning (ML) operations are involved in the process. In wireless environments, the monitored data are naturally distributed among the numerous sensor nodes of the system. Therefore, the analysis of data must either happen in a central location after first collecting it from the sensors or locally through collaboration by viewing the problem through a distributed ML perspective. In both cases, concerns are risen regarding the requirements of this demanding task in matters of required network resources and achieved security/privacy. This paper proposes TermID, a distributed network intrusion detection system that is well suited for wireless networks. The system is based on classification rule induction and swarm intelligence principles to achieve efficient model training for intrusion detection purposes, without exchanging sensitive data. An additional achievement is that the produced model is easily readable by humans. While these are the main design principles of our approach, the accuracy of the produced model is not compromised by the distribution of the tasks and remains at competitive levels. Both the aforementioned claims are verified by the results of detailed experiments withheld with the use of a publicly available security-focused wireless dataset.