IEEE 802.11 user fingerprinting and its applications for intrusion detection

Authors:
Daisuke Takahashi;Yang Xiao;Yan Zhang;Periklis Chatzimisios;Hsiao-Hwa Chen
Affiliations:
University of Alabama, USA;University of Alabama, USA;Simula Research Laboratory, Norway;University of Macedonia, Greece;Department of Engineering Science, National Cheng Kung University, Taiwan
Venue:
Computers & Mathematics with Applications
Year:
2010

Citing 25
Cited 4

Computer Networking: A Top-Down Approach Featuring the Internet

Computer Networking: A Top-Down Approach Featuring the Internet
DOMINO: a system to detect greedy behavior in IEEE 802.11 hotspots

Proceedings of the 2nd international conference on Mobile systems, applications, and services
A framework for wireless LAN monitoring and its applications

Proceedings of the 3rd ACM workshop on Wireless security
Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks

Proceedings of the 10th annual international conference on Mobile computing and networking
Measurement-based characterization of 802.11 in a hotspot setting

Proceedings of the 2005 ACM SIGCOMM workshop on Experimental approaches to wireless network design and analysis
Selfish MAC Layer Misbehavior in Wireless Networks

IEEE Transactions on Mobile Computing
Jigsaw: solving the puzzle of enterprise 802.11 analysis

Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
DOMINO: Detecting MAC Layer Greedy Behavior in IEEE 802.11 Hotspots

IEEE Transactions on Mobile Computing
802.11 user fingerprinting

Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Using mobile ad hoc networks to acquire digital evidence from remote autonomous agents

International Journal of Security and Networks
Forensic analysis of SCADA systems and networks

International Journal of Security and Networks
On the (un)reliability of eavesdropping

International Journal of Security and Networks
Using PLSI-U to detect insider threats by datamining e-mail

International Journal of Security and Networks
Aggregate designated verifier signatures and application to secure routing

International Journal of Security and Networks
Hash-AV: fast virus signature scanning by cache-resident filters

International Journal of Security and Networks
Design and analysis of a multipacket signature detection system

International Journal of Security and Networks
Limiting DoS attacks during multihop data delivery in wireless sensor networks

International Journal of Security and Networks
The loop fallacy and deterministic serialisation in tracing intrusion connections through stepping stones

International Journal of Security and Networks
An adaptive expert system approach for intrusion detection

International Journal of Security and Networks
Convertible identity-based anonymous designated ring signatures

International Journal of Security and Networks
A new signature scheme without random oracles

International Journal of Security and Networks
Secure scalable group signature with dynamic joins and separable authorities

International Journal of Security and Networks
A taxonomy of internet traceback

International Journal of Security and Networks
Three ways to mount distinguishing attacks on irregularly clocked stream ciphers

International Journal of Security and Networks
Flow-net methodology for accountability in wireless networks

IEEE Network: The Magazine of Global Internetworking

Using differential evolution to optimize 'learning from signals' and enhance network security

Proceedings of the 13th annual conference on Genetic and evolutionary computation
An adaptive capacity enhancement strategy for sector-based cellular systems

Computers & Mathematics with Applications
Efficient citywide planning of open WiFi access networks using novel grouping harmony searchheuristics

Engineering Applications of Artificial Intelligence
Accountability and Q-Accountable Logging in Wireless Networks

Wireless Personal Communications: An International Journal

Quantified Score

Hi-index	0.09

Visualization

Abstract

Easy associations with wireless access points (APs) give users temporal and quick access to the Internet. It needs only a few seconds to take their machines to hotspots and do a little configuration in order to have Internet access. However, this portability becomes a double-edged sword for ignorant network users. Network protocol analyzers are typically developed for network performance analysis. Nonetheless, they can also be used to reveal user's privacy by classifying network traffic. Some characteristics in IEEE 802.11 traffic particularly help identify users. Like actual human fingerprints, there are also unique traffic characteristics for each network user. They are called network user fingerprints, by tracking which more than half of network users can be connected to their traffic even with medium access control (MAC) layer pseudonyms. On the other hand, the concept of network user fingerprint is likely to be a powerful tool for intrusion detection and computer/digital forensics. As with actual criminal investigations, comparison of sampling data to training data may increase confidence in criminal specification. This article focuses on a survey on a user fingerprinting technique of IEEE 802.11 wireless LAN traffic. We also summarize some of the researches on IEEE 802.11 network characteristic analysis to figure out rogue APs and MAC protocol misbehaviors.