Non-cryptographic methods of MAC spoof detection in wireless LAN

The immense growth of wireless network makes it prone to number of security threats. Most prevalent among them are spoof threats, in which one network device changes its network identifiers to that of another network device. One of the possible reasons of spoofing in wireless network is that per-frame source authentication is not provided. Full scale authentication can be provided, but it is not always desirable as it requires reliable key management. The attacker can further launch Denial of Service attacks by spoofing deauthentication/disassociation or power saving frames, can bypass the access control list or can falsely advertise services to wireless clients. This paper discusses some of the non cryptographic techniques to detect MAC spoofing along with their pros and cons and the network scenarios in which they can be used. Analysis of these techniques is done on data captured from live test bed. The information in this paper can help the wireless equipment manufacturers to implement intrusion detection systems capable of detecting MAC address spoofing efficiently with least number of false alarms.