Article’s

Wireless networks are increasingly being compromised by Wi-Fi access points which execute man in the middle attacks, eavesdrop on conversations as well as stealing passwords. Traditional methods of detection which involve application of fixed rules or signatures tend to miss out the new or unknown threats. To detect the unauthorized Wi-Fi access points, this research paper provides a hybrid machine learning approach to analyze behavioral traffic. A preprocessing pipeline is leakage-free and it comprises of data cleaning, removal of suspicious features, feature encoding, scaling, and feature selection which increases model reliability. XGBoost, random forest and Linear Support Vector machine are used to classify access points as safe or rogue. In order to reduce the false negatives and to enhance the accuracy of detection, the predictions of such models are used in an ensemble voting process. Evaluation is done with the AWID Wi-Fi intrusion dataset that consists of 154 traffic characteristics. The proposed architecture is very accurate and recalls high in experiments. With the help of Flask web application, trained models would be deployed to enable detection of rogue access points in real-time.