Physical Security Perimeters for Wireless Local Area Networks

On a wired network, physical authentication is implicitly provided by access: if a user is able to plug a cable into a network socket, he must have cleared other security checks such as the receptionist and/or locked doors. In the case of a wireless local area network (WLAN), the signal propagation is not limited by a fixed boundary, and unauthorized access from outside the security perimeter is possible, and in many instances facile. In this paper, we present a probabilistic technique for localization of users in a WLAN. The presented technique is able to identify intruders based on their location, and thus successfully defend a “parking lot” attack. The approach relies on a probabilistic mapping from received signal strength (RSSI) to location. Calibration inside and around the security perimeter must precede the localization phase. During the localization phase, the RSSI of all the WLAN users is measured by multiple monitoring stations positioned to provide an overlapping coverage of the area (the access points needed to provide the WLAN coverage can double as monitoring stations). A Bayesian technique is used to estimate the location of the unsuspecting mobile user, and the position estimate of each user is updated with every new RSSI measurement at any of the monitoring stations. The presented approach is server-based, i.e., it works without the knowledge or cooperation of the user being tracked, thereby enabling the proposed security application, as well as location-aware services. Validation of the concepts was implemented using an experimental tested in an office environment. The results demonstrate the ability of the proposed technique to estimate the user location to a very high degree of accuracy.

[1]  Marko Helen,et al.  Using Calibration in RSSI- based Location Tracking System , 2005 .

[2]  M.R. Stytz How Secure Is Your Wireless Network? Safeguarding Your Wi-Fi LAN [Book Review] , 2004, IEEE Security & Privacy Magazine.

[3]  Kostas E. Bekris,et al.  Robotics-Based Location Sensing Using Wireless Ethernet , 2002, MobiCom '02.

[4]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[5]  Andy Hopper,et al.  A new location technique for the active office , 1997, IEEE Wirel. Commun..

[6]  Juha-Pekka Makela,et al.  Indoor geolocation science and technology , 2002, IEEE Commun. Mag..

[7]  Kazufumi Ito,et al.  Gaussian filters for nonlinear filtering problems , 2000, IEEE Trans. Autom. Control..

[8]  William A. Arbaugh,et al.  YOUR 802.11 WIRELESS NETWORK HAS NO CLOTHES , 2001 .

[9]  Gregory D. Abowd,et al.  The smart floor: a mechanism for natural user identification and tracking , 2000, CHI Extended Abstracts.

[10]  V. Padmanabhan,et al.  Enhancements to the RADAR User Location and Tracking System , 2000 .

[11]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[12]  Paramvir Bahl,et al.  RADAR: an in-building RF-based user location and tracking system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[13]  Neil J. Gordon,et al.  A tutorial on particle filters for online nonlinear/non-Gaussian Bayesian tracking , 2002, IEEE Trans. Signal Process..

[14]  William A. Arbaugh,et al.  Your 80211 wireless network has no clothes , 2002, IEEE Wirel. Commun..

[15]  Neil J. Gordon,et al.  A tutorial on particle filters for online nonlinear/non-Gaussian Bayesian tracking , 2002, IEEE Trans. Signal Process..

[16]  Gaetano Borriello,et al.  SpotON: An Indoor 3D Location Sensing Technology Based on RF Signal Strength , 2000 .

[17]  John Ioannidis,et al.  Using the Fluhrer, Mantin, and Shamir Attack to Break WEP , 2002, NDSS.

[18]  Jarkko Niittylahti,et al.  Evaluation of RSSI-based human tracking , 2000, 2000 10th European Signal Processing Conference.

[19]  J. Werb,et al.  Designing a positioning system for finding things and people indoors , 1998 .

[20]  Gaetano Borriello,et al.  Location Systems for Ubiquitous Computing , 2001, Computer.

[21]  Trevor Darrell,et al.  Integrated Person Tracking Using Stereo, Color, and Pattern Detection , 2000, International Journal of Computer Vision.

[22]  J. Krumm,et al.  Multi-camera multi-person tracking for EasyLiving , 2000, Proceedings Third IEEE International Workshop on Visual Surveillance.