Classifying Rogue Access Points with Semantic Graph Artificial Intelligence

One of the most common wireless security threats is the rogue access point that can be used in many attacks like DoS and data theft. The definition of a Rogue Access Point (RAP) ranges from trivial to complex. Access point vendors lean toward a trivial definition: “If it is not created by me, it is a rogue”. However, cybersecurity domain experts have more sophisticated definitions of a rogue access point. The automated classification of rogue access points as defined by the logic of cybersecurity experts is an example of mimicking human capabilities. The cybersecurity industry does not have nearly enough human experts to fill the demand.

Thesis Statement:

An AI system using Semantic Technologies can be implemented to mimic human cybersecurity expert’s classification of the malicious profile of wireless access points.

Scope of Work:

The student will implement a system that classifies RAP maliciousness using Knowledge Representation and Reasoning (KR&R) techniques that mimic those of cybersecurity experts. This will require knowledge elicitation from experts and their documentation. Once elicited, the expertise will be represented in ontological languages and persisted in semantic graphs.

The AI system implemented by the student will be used to continuously monitor an enterprise’s wireless access points. Description Logics reasoners following the formal logic in the ontologies will continuously watch the access points. When an access point appears as or morphs into, a Rogue Access Point alerts will be issued.


Rogue Access Points are but one of many challenges within the domain of cybersecurity. The opportunity to expand the capabilities of a cybersecurity AI system such as the one that will be implemented are seemly limitless.


This project is in collaboration with the cybersecurity firm DarkLight Inc. (https[:]//

The student will be co-supervised by Vasileios Mavroeidis - Security Researcher at UiO, Nils Gruschka - Associate Professor at UiO, and Ryan Hohimer - CTO of DarkLight 

The student needs to have the resolve to work methodically and possibly produce a joint scientific publication from the conducted work.

Emneord: cyber security, artificial intelligence, semantic technologies
Publisert 14. nov. 2020 17:12 - Sist endret 24. nov. 2020 15:49

Omfang (studiepoeng)