A passive approach to rogue access point detection
- 1 November 2007
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- No. 1930529X,p. 355-360
- https://doi.org/10.1109/glocom.2007.73
Abstract
Unauthorized or rogue access points (APs) produce security vulnerabilities in enterprise/campus networks by circumventing inherent security mechanisms. We propose to use the round trip time (RTT) of network traffic to distinguish between wired and wireless nodes. This information coupled with a standard wireless AP authorization policy allows the differentiation (at a central location) between wired nodes, authorized APs, and rogue APs. We show that the lower capacity and the higher variability in a wireless network can be used to effectively distinguish between wired and wireless nodes. Further, this detection is not dependant upon the wireless technology (802.11a, 802.11b, or 802.11g), is scalable, does not contain the inefficiencies of current solutions, remains valid as the capacity of wired and wireless links increase, and is independent of the signal range of the rogue APs.Keywords
This publication has 5 references indexed in Scilit:
- Identifying 802.11 Traffic From Passive Measurements Using Iterative Bayesian InferenceIEEE/ACM Transactions on Networking, 2011
- Classification of access network types: ethernet, wireless LAN, ADSL, cable modem or dialup?Published by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Rogue access point detection using temporal traffic characteristicsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Autonomic 802.11 wireless LAN security auditingIEEE Security & Privacy, 2004
- Fuzzy Reasoning for Wireless AwarenessInternational Journal of Wireless Information Networks, 2001