Abstract

Frame resolution and physical layer (PHY) protocol type detection are the basis of research and development of intrusion prevention systems for IEEE 802.11 wireless networks. Aiming at the problems which cannot be solved by the specifications export, this paper proposes a MAC frame analysis method and a PHY protocol type detection algorithm based on parsing the IEEE 802.11 packets captured by the Libpcap library. The packet structure and the length of the frame preamble (18 or 26 bytes) are presented. Then the methods for converting byte order and resolving sub-fields are given. A PHY protocol type detection algorithm is proposed based on experiments, and examples are given to verify these methods. This work can serve as a reference for R&D related to link layer frame analysis.

Summary

Introduction

IEEE 802.11 Wireless LAN (WLAN) plays an important role in personal Internet access as well as industrial applications [1] [2] [3] [4], because of its convenient deployment, lower cost and mobility. Capturing and resolving MAC frames is the technical basis of real-time monitoring and analysis systems, vulnerability scanning systems and intrusion detection systems for WLAN [6] [7] [8] [9] [10]. We can parse the captured MAC frames to obtain their information and use an appropriate detection algorithm to identify potential risks in a WLAN. Network managers can analyze the behavior of APs or STAs on the basis of their real-time PHY protocol type and other information to identify suspicious devices in a WLAN. Aiming at the problems above, this paper proposes a MAC frame resolution method and a PHY protocol type detection algorithm for IEEE 802.11, on the basis of a large number of frame capture and analysis experiments. Packet capture is based on the Linux library Libpcap.

Structure of Captured Data and Length of Frame Preamble
The Information Elements and Detection Algorithm for PHY Protocols
NIC Working Frequency Acquisition Method
Case Study
Conclusions