Elements of information theory
Elements of information theory
Characterizing user behavior and network performance in a public wireless LAN
SIGMETRICS '02 Proceedings of the 2002 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks
Proceedings of the 10th annual international conference on Mobile computing and networking
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Classification of access network types: Ethernet, wireless LAN, ADSL, cable modem or dialup?
Computer Networks: The International Journal of Computer and Telecommunications Networking
Towards characterization of wireless traffic in coexisting 802.11a/g and 802.11n network
Proceedings of the ACM CoNEXT Student Workshop
WiFiHop - mitigating the Evil twin attack through multi-hop detection
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Identifying 802.11 traffic from passive measurements using iterative Bayesian inference
IEEE/ACM Transactions on Networking (TON)
Hi-index | 0.00 |
The wide deployment of 802.11 WLANs has led to the co-existence of wired and wireless clients in a network environment. This paper presents a robust technique to detect 802.11 wireless hosts through passive observation of client traffic streams at the edge of the network. It is based on the estimation of entropy of packet interarrival times and on the analysis of variation in the measured entropy values across individual end host connections. With the aim of generating a physical layer "signature" that can be easily extracted from packet traces, we first perform controlled experiments and analyse them through Spectral Analysis and Entropy evaluation. Based on the gained insight we design a methodology for the identification of 802.11 wireless clients and test it on two data sets of packet-level traces collected in different networks. Our results demonstrate that wireless identification is highly precise in the presence of a sufficient traffic sample.