A Hybrid Rogue Access Point Protection Framework for Commodity Wi-Fi Networks

Liran Ma, Amin Y. Teymorian, Xiuzhen Cheng
IEEE INFOCOM 2008 - The 27th Conference on Computer Communications. Published 2008-04-13. DOI: 10.1109/INFOCOM.2008.178 (https://doi.org/10.1109/INFOCOM.2008.178)
Citations: 100

Abstract

We develop a practical and comprehensive hybrid rogue access point (AP) detection framework for commodity Wi-Fi networks. It is the first scheme that combines the distributed wireless media surveillance and the centralized wired end socket level traffic "fingerprinting". The former is designed not only to detect various types of rogue APs, but also to discover suspicious activities so as to prevent the adversaries from turning victim APs into rogue devices. Moreover, the socket level traffic fingerprinting helps our framework to achieve a finer granularity on rogue AP detection among the existing schemes. This framework has the following nice properties: i) it requires neither specialized hardware nor modification to existing standards; ii) the proposed mechanism greatly improves the rogue AP detection probability so that network resilience is improved; iii) it provides a cost-effective solution to Wi-Fi network security enhancement by incorporating free but mature software tools; iv) it can protect the network from adversaries capable of using customized equipment and/or violating the IEEE 802.11 standard; v) its open architecture allows extra features to be easily added on in the future. Our analysis and evaluation demonstrate that this hybrid rogue AP protection framework is capable of reliably revealing rogue devices and preempting potential attacks.