Securing Wi-Fi networks with position verification: extended version

In this paper we investigate position-based enhancements to Wi-Fi network security. Specifically, we investigate whether Received Signal Strength (RSS) measurements can identify attempts at network access by malicious nodes exterior to an authorised network perimeter. We assume the malicious nodes will spoof their received or transmitted power-levels in attempts to circumvent standard position-based security techniques. We outline why residual analysis of the RSS measurements cannot robustly identify illegal network access requests. However, we show that by referring the residual RSS analysis to a 'claimed position', interior to the authorised perimeter, a robust position-based verification system for secure network access can be developed. Indoor systems based on RSS fingerprints and differential RSS fingerprints are studied. Outdoor systems under the assumption of log-normal shadowing are also investigated.

[1]  Robert A. Malaney Nuisance Parameters and Location Accuracy in Log-Normal Fading Models , 2007, IEEE Transactions on Wireless Communications.

[2]  Mikhail Nesterenko,et al.  Secure Location Verification Using Radio Broadcast , 2004, IEEE Transactions on Dependable and Secure Computing.

[3]  Alfred O. Hero,et al.  Relative location estimation in wireless sensor networks , 2003, IEEE Trans. Signal Process..

[4]  Donggang Liu,et al.  Attack-resistant location estimation in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[5]  A. Harter,et al.  A distributed location system for the active office , 1994, IEEE Network.

[6]  Anjur Sundaresan Krishnakumar,et al.  Infrastructure-based location estimation in WLAN networks , 2004 .

[7]  Srdjan Capkun,et al.  Secure positioning in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[8]  B. R. Badrinath,et al.  VOR base stations for indoor 802.11 positioning , 2004, MobiCom '04.

[9]  Dan S. Wallach,et al.  Wireless LAN location-sensing for security applications , 2003, WiSe '03.

[10]  Giuseppe Anastasi,et al.  Experimenting an indoor bluetooth-based positioning service , 2003, 23rd International Conference on Distributed Computing Systems Workshops, 2003. Proceedings..

[11]  Wade Trappe,et al.  Robust statistical methods for securing wireless localization in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[12]  D K Wilson,et al.  Performance bounds for passive sensor arrays operating in a turbulent medium: plane-wave analysis. , 2003, The Journal of the Acoustical Society of America.

[13]  Kui Wu,et al.  Sensor localization with Ring Overlapping based on Comparison of Received Signal Strength Indicator , 2004, 2004 IEEE International Conference on Mobile Ad-hoc and Sensor Systems (IEEE Cat. No.04EX975).

[14]  Dorothy E. Denning,et al.  Location-based authentication: Grounding cyberspace for better security , 1996 .

[15]  Kostas E. Bekris,et al.  Robotics-Based Location Sensing Using Wireless Ethernet , 2005, Wirel. Networks.

[16]  R.L. Moses,et al.  Locating the nodes: cooperative localization in wireless sensor networks , 2005, IEEE Signal Processing Magazine.

[17]  Markus G. Kuhn,et al.  An Asymmetric Security Mechanism for Navigation Signals , 2004, Information Hiding.

[18]  Robert A. Malaney Securing internal Wi-Fi networks with position verification , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[19]  Prashant Krishnamurthy,et al.  Modeling of indoor positioning systems based on location fingerprinting , 2004, IEEE INFOCOM 2004.

[20]  Andreas Haeberlen,et al.  Practical robust localization over large-scale 802.11 wireless networks , 2004, MobiCom '04.

[21]  B. R. Badrinath,et al.  Ad hoc positioning system (APS) using AOA , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[22]  Paramvir Bahl,et al.  RADAR: an in-building RF-based user location and tracking system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[23]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[24]  Moustafa Youssef,et al.  WLAN location determination via clustering and probability distributions , 2003, Proceedings of the First IEEE International Conference on Pervasive Computing and Communications, 2003. (PerCom 2003)..

[25]  H. Koshima,et al.  Personal locator services emerge , 2000 .

[26]  Radha Poovendran,et al.  SeRLoc: secure range-independent localization for wireless sensor networks , 2004, WiSe '04.

[27]  D. Maniezzo,et al.  Scanning the literature , 2004, IEEE Wireless Communications.

[28]  Srdjan Capkun,et al.  Secure Localization with Hidden and Mobile Base Stations , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.