Unauthorized 802.11 wireless access points (APs), or rogue APs, such as those brought into a corporate campus by employees, pose a security threat as they may be poorly managed or insufficiently secured. An attacker in the vicinity may easily get onto the internal network through a rogue AP, bypassing all perimeter security measures. Existing detection solutions do not work well for detecting rogue APs configured as routers that are protected by WEP, 802.11i, or other security measures. In this paper, we describe a new rogue AP detection method to address this problem. Our solution uses a verifier on the internal wired network to send test traffic towards the wireless edge, and uses wireless sniffers to identify rogue APs that relay the test packets. To quickly sweep all possible rogue APs, the verifier uses a greedy algorithm to schedule the channels for the sniffers to listen to. To work with the encrypted AP traffic, the sniffers use a probabilistic algorithm that relies only on observed wireless frame size. Using extensive experiments, we show that the proposed approach can robustly detect rogue APs with moderate network overhead. The results also show that our algorithm is resilient to congested wireless channels and has low false positives/negatives in realistic environments.