论文信息 - A Passive Approach to Rogue Access Point Detection

A Passive Approach to Rogue Access Point Detection

Unauthorized or rogue access points (APs) produce security vulnerabilities in enterprise/campus networks by circumventing inherent security mechanisms. We propose to use the round trip time (RTT) of network traffic to distinguish between wired and wireless nodes. This information coupled with a standard wireless AP authorization policy allows the differentiation (at a central location) between wired nodes, authorized APs, and rogue APs. We show that the lower capacity and the higher variability in a wireless network can be used to effectively distinguish between wired and wireless nodes. Further, this detection is not dependant upon the wireless technology (802.11a, 802.11b, or 802.11g), is scalable, does not contain the inefficiencies of current solutions, remains valid as the capacity of wired and wireless links increase, and is independent of the signal range of the rogue APs.

[1] Raheem A. Beyah,et al. Rogue access point detection using temporal traffic characteristics , 2004, IEEE Global Telecommunications Conference, 2004. GLOBECOM '04..

[2] Paramvir Bahl,et al. DAIR: A Framework for Managing Enterprise Wireless Networks Using Desktop Infrastructure , 2005 .

[3] A T Karygiannis,et al. Wireless Network Security: 802.11, Bluetooth and Handheld Devices , 2002 .

[4] David Safford,et al. Autonomic 802.11 wireless LAN security auditing , 2004, IEEE Security & Privacy Magazine.

[5] Chun Zhang,et al. Classification of access network types: Ethernet, wireless LAN, ADSL, cable modem or dialup? , 2008, Comput. Networks.

[6] W. Richard Stevens,et al. TCP/IP Illustrated, Volume 1: The Protocols , 1994 .

[7] Donald F. Towsley,et al. Identifying 802.11 Traffic from Passive Measurements Using Iterative Bayesian Inference , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[8] Ivan Marsic,et al. Fuzzy Reasoning for Wireless Awareness , 2001, Int. J. Wirel. Inf. Networks.