Kwontaek Lim, Jiawei Shao, Jonghoon Lee, Souhwan Jung
(School of Electronic Engineering, Soongsil University, Seoul 156-743, Korea)
Abstract:A scheme of rogue access point(Rogue AP) detection based on AP’s localization is proposed. Global position system(GPS) information and received signal strength(RSS) information are used to get the location of AP in a smartphone, which is compared with the database located in a remote server. The proposed scheme can detect not only fake access point(Fake AP) but also Evil Twin AP. It can be a user-oriented solution to detecting Rogue AP threats, and users can use it flexibly.
Key words:rogue access point(Rogue AP); wireless local area network(WLAN) security; Evil Twin attacks
CLD number: TP926 Document code: A
Article ID: 1674-8042(2012)04-0370-04 doi: 10.3969/j.issn.1674-8042.2012.04.014
References
[1] Branch J W, Petroni N L Jr, Van Doorn L, et al. Autonomic 802.11 wireless LAN security auditing. IEEE Security & Privacy, 2004, 2(3): 56-65.
[2] AirWave. AirWave wireless management suite.ArubaNetworks, 2006.
[3] Bahl P, Chandra R, Padhye J, et al. Enhancing the security of corporate Wi-Fi networks using DAIR. Proc. of the 4th International Conference on Mobile Systems, Applications and Services (MobiSys 06), ACM Press, Uppsala, Sweden, 2006: 1-14.
[4] Yeo J, Youssef M, Agrawala A. A framework for wireless LAN monitoring and its applications. Proc. of 2004 ACM workshop on Wireless security(WiSe’04), Philadephia, USA, 2004: 70-79.
[5] WEI Wei, Suh K, WANG Bing, et al. Passive online detection of 802.11 traffic using sequential hypothesis testing with TCP ACK-pairs. IEEE Trans. on Mobile Computing, 2009, 8(3): 398-412.
[6] Jana S, Kasera S. On fast and accurate detection of unauthorized wireless access points using clock skews. IEEE Trans. on Mobile Computing, 2010, 9(3): 449-462.
[7] Spencer J. Use of an artificial neural network to detect anomalies in wireless device location for the purpose of intrusion detection. Proc. of the IEEE SoutheastCon, 2005: 686-691.
[8] Laurendeau C, Barbeau M. Hyperbolic location estimation of malicious nodes in mobile WiFi/802.11 networks. Proc. of the 2nd IEEE LCN Workshop on User Mobility and Vehicular Networks (ON-MOVE), 2008:600-607.
[9] Mano C D, Blaich A, Liao Q, et al. RIPPS: rogue identifying packet payload slicer detecting unauthorized wireless hosts through network traffic conditioning. ACM Trans. on Information and Syustem Security, 2008, 11(2): 1-23.
[10] HAN Hao, SHENG Bo, Tan C C, et al. A timing-based scheme for rogue AP detection. IEEE Trans. on Parallel and Distributed Systemas, 2011, 22(11): 1912-1925.
[11] SONG Yi-min, YANG Chao, GU Guo-fei. Who is peeping at your passwords at Starbucks?—To catch an evil twin access point. Proc. of IEEE/IFIP DSN 2010, Chicago, USA, 2010: 323-332.
[12] Monica D, Ribeiro C. WiFiHop-mitigating the Evil Twin attack through multi-hop detection. Proc. of the 16th European Conference on Research in Computer Security (ESORICS 2011), Leuven, Belgium, 201:21-39.
[13] Smith A D. Strange Wi-Fi spots may harbor hackers: ID thieves may lurk behind a hot spot with a friendly name.[2012-08-6-28]. http://www.m2mevolution.com/news/2007/05/09/2597106.htm.
[14] Wolfe D. Security watch. American Banker, 2007, 172(31): 7.
[15] Chun S M, Lee S M, Nah J W, et al. Localization of Wi-Fi access point using smartphone’s GPS information. Proc. of IEEE Conference on Mobile and Wireless Networking (iCOST), 2011:121-126.