Affiliation:
1. University of Notre Dame
Abstract
Wireless network access has become an integral part of computing both at home and at the workplace. The convenience of wireless network access at work may be extremely beneficial to employees, but can be a burden to network security personnel. This burden is magnified by the threat of inexpensive wireless access points being installed in a network without the knowledge of network administrators. These devices, termed <it>Rogue Wireless Access Points</it>, may allow a malicious outsider to access valuable network resources, including confidential communication and other stored data. For this reason, wireless connectivity detection is an essential capability, but remains a difficult problem. We present a method of detecting wireless hosts using a local RTT metric and a novel packet payload slicing technique. The local RTT metric provides the means to identify physical transmission media while packet payload slicing conditions network traffic to enhance the accuracy of the detections. Most importantly, the packet payload slicing method is transparent to both clients and servers and does not require direct communication between the monitoring system and monitored hosts.
Funder
Division of Computer and Network Systems
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality,General Computer Science
Reference16 articles.
1. Adya A. Bahl P. Chandra R. and Qiu L. 2004. Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks. In <it>Proceedings of Annual International Conference on Mobile Computing and Networking (MOBICOM'04)</it>. 30--44. 10.1145/1023720.1023724 Adya A. Bahl P. Chandra R. and Qiu L. 2004. Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks. In <it>Proceedings of Annual International Conference on Mobile Computing and Networking (MOBICOM'04)</it>. 30--44. 10.1145/1023720.1023724
2. Bellovin S. M. 2002. A technique for counting NATted hosts. In <it>Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurement (SIGCOMM'02)</it>. 267--272. 10.1145/637201.637243 Bellovin S. M. 2002. A technique for counting NATted hosts. In <it>Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurement (SIGCOMM'02)</it>. 267--272. 10.1145/637201.637243
3. Beyah R. Kangude S. Yu G. Strickland B. and Copeland J. 2004. Rogue access point detection using temporal traffic characteristics. In <it>Proceedings of IEEE Global Telecommunications Conference (GLOBECOM'04)</it>. 2271--2275. Beyah R. Kangude S. Yu G. Strickland B. and Copeland J. 2004. Rogue access point detection using temporal traffic characteristics. In <it>Proceedings of IEEE Global Telecommunications Conference (GLOBECOM'04)</it>. 2271--2275.
Cited by
28 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. EvilSpot: Detection and Mitigation in Multi Channel;2023 International Conference on Advances in Electronics, Communication, Computing and Intelligent Information Systems (ICAECIS);2023-04-19
2. WPFD: Active User-Side Detection of Evil Twins;Applied Sciences;2022-08-12
3. CUP: Cellular Ultra-light Probe-based Available Bandwidth Estimation;2021 IEEE/ACM 29th International Symposium on Quality of Service (IWQOS);2021-06-25
4. Client-side rogue access-point detection using a simple walking strategy and round-trip time analysis;EURASIP Journal on Wireless Communications and Networking;2020-12
5. A passive user-side solution for evil twin access point detection at public hotspots;International Journal of Communication Systems;2020-06-25