GitHunt
MA

Mateusz-Peplinski/AAPADS

Advanced Access Point Anomaly Detection System

anomaly-detectionidsieee80211intrusion-detectionintrusion-detection-systemmachine-learningmonitor-modepacket-analyserpacket-capturesnifferwidswifi-analyzerwifi-configurationwifi-hackingwifi-scannerwifimanagerwirelesswireless-security

๐Ÿ›ก๏ธ Advanced Access Point Anomaly Detection System ๐Ÿ›ก๏ธ

๐Ÿ“Œ Introduction

The Advanced Access Point Anomaly Detection System (AAPADS) proactively mitigates the increased risk of data interception and provides detection of wireless cyber attacks.
AAPADS also contains many WiFi and 802.11 analysis functionalities such as:

  • The ability to investigate and collect information on access points near you
  • The ability to inspect and investigate 802.11 Managment Frames captured in monitor mode
  • Get notifed of security misconfigurations on your wireless network

Technical Overview ๐Ÿ–ฅ๏ธ

Platform & Development Environment:

Screenshot 1 Screenshot 2 Screenshot 3 Screenshot 4 Screenshot 4

Note: The SSID and MAC addresses shown in the screenshots are samples. And product is MVP

  • Primary Language: C#
  • Platform: x64 (64-bit) Windows operating system.
  • User Interface: Developed using Microsoft's WPF (Windows Presentation Foundation) to ensure an interactive front-end experience.

๐Ÿ“ Architecture

Figure 1 โ€“ Basic architecture of AAPADS

Not Final Version

1๏ธโƒฃ Data Ingest Engine

  • Function: Collects data about the wireless environment in which AAPADS operates.
  • Data Type: Electromagnetic wave transmissions in the 2.4GHz and 5GHz range (+6GHz if your WLAN adapter supports Wi-Fi 6).
  • Operation: Continuously passes data to the next stage for processing.

2๏ธโƒฃ Normalization Engine

  • Function: Defines the "normal" state of the wireless environment.
  • Process: Sets thresholds for certain data types collected from the Data Ingest Engine.
  • Outcome: Creates a profile of the wireless environment, used by the Detection Engine.

3๏ธโƒฃ Detection Engine

  • Function: Analyzes the wireless environment profile.
  • Operation: Identifies data surpassing threshold values, assigning a risk score to detected anomalies.
  • Scoring System: Anomalies are graded with a score value (max 100), and categorized as:
    • ๐ŸŸข LOW (0-30)
    • ๐ŸŸก MEDIUM (31-60)
    • ๐ŸŸ  HIGH (61-79)
    • ๐Ÿ”ด CRITICAL (80-100)

Upon detection of an anomaly, the system flags it as a cyber incident. Users are notified and can directly take action through the application.

๐Ÿš€ Usage

  1. Launch AAPADS.
  2. Allow the system to collect and process wireless environment data.
  3. Monitor the notifications and take action as necessary.

โš™๏ธ Setup & Installation

Will be released with the first official program release, soon...

๐Ÿ“œ License

TBA

Languages

C#93.3%C6.6%C++0.1%

Contributors

MATE
Created August 2, 2023
Updated March 8, 2026
Mateusz-Peplinski/AAPADS | GitHunt