Abstract
WiFi networks are vulnerable to rogue AP attacks in which an attacker sets up an imposter AP to lure mobile users to connect. The attacker can eavesdrop on the communication, severely threatening users' privacy. Existing rogue AP detection solutions are confined to some specific attack scenarios (e.g., by relaying the traffic to a target AP) or require additional hardware. In this paper, we propose a crowdsensing based approach, named CRAD, to detect rogue APs in camouflage without specialized hardware requirement. CRAD exploits the spatial correlation of RSS to identify a potential imposter, which should be at a different location from the legitimate one. The RSS measurements collected from the crowd facilitate a robust profile and minimize the inaccuracy effect of a single RSS value. As a result, CRAD can filter out abnormal samples sensed in the realtime by dynamically matching the profile. We evaluate our approach with both a public dataset and a real prototype. The results show that CRAD can yield 90% detection accuracy and precision with proper crowd presence, even when the rogue AP is launched close to the legitimate one (e.g., within 1m).
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
