Abstract
Rogue access point attack is one of the most important security threats for wireless local networks and has attracted great attention from both academia and industry. Utilizing received signal strength information is an effective solution to detect rogue access points. However, the received signal strength information is formed by multi-dimensional received signal strength vectors that are collected by multiple sniffers, and these received signal strength vectors are inevitably lacking in some dimensions due to the limited wireless transmission range and link instability. This will result in high false alarm rate for rogue access point detection. To solve this issue, we propose a received signal strength–based practical rogue access point detection approach, considering missing received signal strength values in received signal strength vectors collected in practical environment. First, we present a preprocessing scheme for received signal strength vectors, eliminating missing values by means of data filling, filtering, and averaging. Then, we perform clustering analysis on the received signal strength vectors, where we design a distance measurement method that dynamically uses partial components in received signal strength vectors to minimize the distance deviation due to missing values. Finally, we conduct the experiments to evaluate the performance of the practical rogue access point detection. The results demonstrate that the practical rogue access point detection can significantly reduce the false alarm rate while ensuring a high detection rate.
Highlights
Nowadays, the IEEE 802.11 wireless local network (WLAN) is becoming an extremely popular wireless technology for various scenarios, such as campuses, homes, enterprise environments, and public spaces.[1,2] With the wide deployment of WLANs, the issues of security and privacy have been increasingly emerging.[3]
Rogue access point (AP) attacks have attracted more and more attention, and the rogue AP is defined as an illegal AP that is not deployed by the WLAN administrator.[4]
The results show that the practical rogue access point detection (PRAPD) can effectively reduce the false alarm rate while ensuring a high detection rate
Summary
The IEEE 802.11 wireless local network (WLAN) is becoming an extremely popular wireless technology for various scenarios, such as campuses, homes, enterprise environments, and public spaces.[1,2] With the wide deployment of WLANs, the issues of security and privacy have been increasingly emerging.[3] Due to the openness of the wireless transmission medium, a variety of attacks can be launched . The missing values in RSS vectors will affect the effectiveness of rogue AP detection, resulting in a higher false alarm rate.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: International Journal of Distributed Sensor Networks
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.