Detecting and Localizing Wireless Spoofing Attacks

Chen, Yingying

doi:10.1007/978-0-387-88491-2_8

Cited by 7 publications

(4 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Faria and Cheriton [6] proposed 'signalprints', which are tags for signal patterns correlated to physical locations. Both Chen et al [27] and Sheng et al [13] proposed per-frame RSS analysis based on multiple sensor monitoring, which is similar to our previous work. These works assumed that RSS values of one transmitter would follow a Gaussian distribution and thereafter used N sensors' observations as N-dimensional vectors to profile their testing environments.…”

Section: Related Worksupporting

confidence: 71%

A data clustering approach to discriminating impersonating devices in Wi‐Fi networks

Tao

Nath

Lonie

2009

Security Comm Networks

View full text Add to dashboard Cite

By design, Wi-Fi networks inherently lack reliable positional knowledge of the origin of individual network packets, and instead use the media access control (MAC) address of a received packet to assign packet identity. Given that there are a variety of tools that allow one to construct arbitrary network packets and transmit over a network, a potential security risk arises in that it is difficult to discriminate legitimate packets from packets generated by an intruder solely on the basis of packet content. We describe a data clustering approach to discriminating network nodes based on signal strength data measured from multiple angles through a distributed sensor network, and demonstrate that relatively little network data are sufficient for high discrimination accuracy.

show abstract

Section: Related Worksupporting

confidence: 71%

A data clustering approach to discriminating impersonating devices in Wi‐Fi networks

Tao

Nath

Lonie

2009

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…Considerable research has been conducted on detecting and/or mitigating spoofing within the medium access control (MAC) layer of the open systems interconnection (OSI) stack [1,2]. There has been a recent shift toward providing added security at the OSI Physical (PHY) layer by exploiting RF features 72 R. W. KLEIN, M. A. TEMPLE AND M. J. MENDENHALL RF fingerprinting is one alternative PHY layer approach that is readily dismissed in Reference [2] for 'scale' reasons.…”

Section: Introductionmentioning

confidence: 99%

Application of wavelet denoising to improve OFDM‐based signal detection and classification

Klein

Temple

Mendenhall

2009

Security Comm Networks

View full text Add to dashboard Cite

The developmental emphasis on improving wireless access security through various OSI PHY layer mechanisms continues. This work investigates the exploitation of RF waveform features that are inherently unique to specific devices and that may be used for reliable device classification (manufacturer, model, or serial number). Emission classification is addressed here through detection, location, extraction, and exploitation of RF 'fingerprints' to provide device-specific identification. The most critical step in this process is burst detection which occurs prior to fingerprint extraction and classification. Previous variance trajectory (VT) work provided sensitivity analysis for burst detection capability and highlighted the need for more robust processing at lower signal-to-noise ratio (SNR). The work presented here introduces a dual-tree complex wavelet transform (DT-CWT) denoising process to augment and improve VT detection capability. The new method's performance is evaluated using the instantaneous amplitude responses of experimentally collected 802.11a OFDM signals at various SNRs. The impact of detection error on signal classification performance is then illustrated using extracted RF fingerprints and multiple discriminant analysis (MDA) with maximum likelihood (ML) classification. Relative to previous approaches, the DT-CWT augmented process emerges as a better alternative at lower SNR and yields performance that is 34% closer (on average) to 'perfect' burst location estimation performance. Published in

show abstract

“…Much of the discussed work has suggested using channel measurements gathered at multiple receivers in order to perform location distinction [5], [1], [7], [4], [18]. However, in typical WiFi networks, adjacent access points are set to operate on different channels in order to reduce interference and clients operate on a single channel.…”

Section: R Elated Workmentioning

confidence: 99%

Experimental performance evaluation of location distinction for MIMO links

Maas

Patwari

Kasera

et al. 2012

2012 Fourth International Conference on Communication Systems and Networks (COMSNETS 2012)

View full text Add to dashboard Cite

A radio channel-based location distinction system monitors physical layer measurements of received signals to detect if a transmitter has changed position since its previous transmission. This paper explores the design space for MIMObased location distinction systems. Using extensive channel measurements collected with two different MIMO testbeds, we make several observations about the tradeoffs inherent in MIMO location distinction, and the scaling of performance with respect to bandwidth, history size and insertion delay, and number of antenna elements. We show that MIMO location distinction is very reliable. For example, a 2x2 MIMO channel with a bandwidth of 80 MHz allows a 64-fold reduction in miss rate over the single-input single-output (SISO) channel for a fixed false alarm rate, achieving false alarm rates as low as 4 × 10 −4 for a 2.4 × 10 −4 probability of missed detection.

show abstract

Detecting and Localizing Wireless Spoofing Attacks

Cited by 7 publications

References 7 publications

A data clustering approach to discriminating impersonating devices in Wi‐Fi networks

A data clustering approach to discriminating impersonating devices in Wi‐Fi networks

Application of wavelet denoising to improve OFDM‐based signal detection and classification

Experimental performance evaluation of location distinction for MIMO links

Contact Info

Product

Resources

About