Detection of MAC Spoofing Attacks in IEEE 802.11 Networks Using Signal Strength from Attackers’ Devices

Банах, Роман; Piskozub, Andrian; Оpirskyy, Іvan

doi:10.1007/978-3-319-91008-6_47

Cited by 6 publications

(3 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In contrast to [11], where a method of detecting intrusions based on the deviation from the reference value of the signal power is proposed, in this work the detection results are more accurate, and the number of false positives will be smaller. This becomes possible thanks to the implementation of a machine learning algorithm that can detect hidden dependences in data sets, as well as the proposed approach of retraining or retraining the model (Fig.…”

Section: Discussion Of Results and Directions For Further Researchmentioning

confidence: 98%

“…Some attacks have to be identified by methods that are not at all obvious, such as, for example, by collecting data on the signal strength from an access point and comparing it with a reference value. In [11], a method for identifying MAC address substitution in Wi-Fi networks is proposed by detecting a significant deviation in signal strength from the reference signal. However, objectively, the process of such a comparison is not reliable enough since the signal strength is affected by many physical factors, which can lead to a large number of false positives.…”

Section: Literature Review and Problem Statementmentioning

confidence: 99%

See 1 more Smart Citation

Devising a method for detecting “evil twin” attacks on IEEE 802.11 networks (Wi-Fi) with KNN classification model

Banakh,

Piskozub,

Opirskyy

2023

EEJET

View full text Add to dashboard Cite

The object of research is IEEE 802.11 (Wi-Fi) networks, which are often the targets of a group of attacks called "evil twin". Research into this area is extremely important because Wi-Fi technology is a very common method of connecting to a network and is usually the first target of cybercriminals when they attack businesses. With the help of a systematic analysis of the literature focused on countering attacks of the "evil twin" type, this work identifies the main advantages of using artificial intelligence systems in the analysis of network data and identification of intrusions in Wi-Fi networks. To evaluate the effectiveness of intrusion detection and cybercrime analysis, a number of experiments as close as possible to real attacks on Wi-Fi networks were conducted. As part of the research reported in this paper, a method is proposed for detecting cybercrimes in IEEE 802.11 (Wi-Fi) wireless networks using artificial intelligence, namely a model built on the basis of the k-nearest neighbors method. This method is based on the classification of previously collected data, namely the signal strength from the access point, and then continuous comparison of the newly collected data with the trained model. A compact and energy-efficient prototype of a hardware and software system has been designed for the implementation of monitoring, analysis of ethernet network packets and data storage based on time series. In order to reduce the load on the computer network and taking into account the limited computing power of the system, a method of data aggregation was proposed, which ensures fast transfer of information. The results, namely 100 % of test cases (more than 7 thousand), were classified correctly, which indicates that the chosen method of data analysis will significantly increase the security of information and communication systems at the state and private levels

show abstract

Section: Discussion Of Results and Directions For Further Researchmentioning

confidence: 98%

Section: Literature Review and Problem Statementmentioning

confidence: 99%

Devising a method for detecting “evil twin” attacks on IEEE 802.11 networks (Wi-Fi) with KNN classification model

Banakh,

Piskozub,

Opirskyy

2023

EEJET

View full text Add to dashboard Cite

show abstract

“…Lackner et al argumentam que soluções baseadas em características de sinal necessitam de hardware específico. Este argumento também é mencionado por Banakh et al [10]. Hwang et al realizam um estudo das vulnerabilidade de redes 802.1X e propõem um framework para esta análise [11].…”

Section: Trabalhos Relacionadosunclassified

Ferramenta de Proteção Contra Ataques de IP e MAC Spoofing em Redes Sem Fio 802.1X

Mascarenhas¹,

Gonçalves²,

Silva³

et al. 2019

Anais De XXXVII Simpósio Brasileiro De Telecomunicações E Processamento De Sinais

View full text Add to dashboard Cite

Resumo-Os ataques de falsificação de IP e falsificação de endereços MAC, conhecidos como IP spoofing e MAC spoofing, respectivamente, têm aumentado a dificuldade de detecção e contenção de ações de usuários maliciosos dentro de redes sem fio. Este trabalho apresenta uma ferramenta para detecção e bloqueio de ataques de IP spoofing e MAC spoofing em uma rede sem fio utilizando o protocolo IEEE 802.1X. Para isto é utilizada uma combinação de informações obtidas na análise de logs e dados do banco de usuários do servidor Radius. Estas informações são também analisadas em conjunto com as informações de tabela ARP e logs de TCPdump dos roteadores.

show abstract

Defense techniques against spoofing attacks in wireless sensor networks

Kalghatgi

Dhawle

Raut

2023

Materials Today: Proceedings

View full text Add to dashboard Cite

Detection of MAC Spoofing Attacks in IEEE 802.11 Networks Using Signal Strength from Attackers’ Devices

Cited by 6 publications

References 7 publications

Devising a method for detecting “evil twin” attacks on IEEE 802.11 networks (Wi-Fi) with KNN classification model

Devising a method for detecting “evil twin” attacks on IEEE 802.11 networks (Wi-Fi) with KNN classification model

Ferramenta de Proteção Contra Ataques de IP e MAC Spoofing em Redes Sem Fio 802.1X

Defense techniques against spoofing attacks in wireless sensor networks

Contact Info

Product

Resources

About