Generalizing the hough transform to detect arbitrary shapes
Readings in computer vision: issues, problems, principles, and paradigms
Randomized Hough transform (RHT): basic mechanisms, algorithms, and computational complexities
CVGIP: Image Understanding
PC based precision timing without GPS
SIGMETRICS '02 Proceedings of the 2002 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Estimation and Removal of Clock Skew from Network Delay Measurements
Estimation and Removal of Clock Skew from Network Delay Measurements
Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks
Proceedings of the 10th annual international conference on Mobile computing and networking
Remote Physical Device Fingerprinting
IEEE Transactions on Dependable and Secure Computing
Enhancing the security of corporate Wi-Fi networks using DAIR
Proceedings of the 4th international conference on Mobile systems, applications and services
Hot or not: revealing hidden services by their clock skew
Proceedings of the 13th ACM conference on Computer and communications security
Passive data link layer 802.11 wireless device driver fingerprinting
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
ACM Transactions on Information and System Security (TISSEC)
On the effectiveness of secret key extraction from wireless signal strength in real environments
Proceedings of the 15th annual international conference on Mobile computing and networking
On the reliability of wireless fingerprinting using clock skews
Proceedings of the third ACM conference on Wireless network security
Physical-layer identification of UHF RFID tags
Proceedings of the sixteenth annual international conference on Mobile computing and networking
Towards clock skew based services in wireless sensor networks
International Journal of Sensor Networks
Non-cryptographic authentication and identification in wireless networks
IEEE Wireless Communications
On the practicality of UHF RFID fingerprinting: how real is the RFID tracking problem?
PETS'11 Proceedings of the 11th international conference on Privacy enhancing technologies
Towards Practical Identification of HF RFID Devices
ACM Transactions on Information and System Security (TISSEC)
On physical-layer identification of wireless devices
ACM Computing Surveys (CSUR)
SecureArray: improving wifi security with fine-grained physical-layer information
Proceedings of the 19th annual international conference on Mobile computing & networking
A defense against clock skew replication attacks in wireless sensor networks
Journal of Network and Computer Applications
Hi-index | 0.01 |
We explore the use of clock skew of a wireless local area network access point (AP) as its fingerprint to detect unauthorized APs quickly and accurately. The main goal behind using clock skews is to overcome one of the major limitations of existing solutions - the inability to effectively detect Medium Access Control (MAC) address spoofing. We calculate the clock skew of an AP from the IEEE 802.11 Time Synchronization Function (TSF) timestamps sent out in the beacon/probe response frames. We use two different methods for this purpose - one based on linear programming and the other based on least square fit. We supplement these methods with a heuristic for differentiating original packets from those sent by the fake APs. We collect TSF timestamp data from several APs in two different residential settings. Using our measurement data as well as data obtained from a large conference setting, we find that clock skews remain consistent over time for the same AP but vary significantly across APs. Furthermore, we improve the resolution of received timestamp of the frames and show that with this enhancement our methodology can find clock skews very quickly, using 50-100 packets in most of the cases. We also discuss and quantify the impact of various external factors including temperature variation, virtualization, and NTP synchronization on clock skews. Our results indicate that the use of clock skews appears to be an efficient and robust method for detecting fake APs in wireless local area networks.