An empirical fingerprint framework to detect Rogue Access Points

Author

Alotaibi, Bandar ; Elleithy, Khaled

Author_Institution

Comput. Sci. & Eng. Dept., Univ. of Bridgeport, Bridgeport, CT, USA

fYear

2015

fDate

1-1 May 2015

Firstpage

1

Lastpage

7

Abstract

The aim of this paper is to detect Rogue Access Points (RAPs) that clone some of the characteristics of nearby legitimate Access Points (APs). A new passive approach that takes advantage of the first frame that the RAP sends (i.e, Beacon Frame (BF)) when it is planted in the Wireless Local Area Network (WLAN) is proposed. We apply the proposed fingerprint to detect RAPs to evaluate the fingerprint effectiveness. The proposed framework examines every beacon frame size, and compares it with a threshold value. The technique is implemented on a commercially available Wireless Network Interface Controller (WNIC) to evaluate its accuracy. The detection algorithm achieves 100 percent accuracy to determine the RAPs in a lightly loaded traffic environment. The detection time can be taken in approximately 100 ms and is scanned in real-time setting. The robustness and the efficiency of the detection algorithm are examined in two different locations.

Keywords

computer network security; network interfaces; telecommunication traffic; wireless LAN; RAP; WLAN; WNIC; beacon frame size; detection algorithm; empirical fingerprint framework; legitimate access points; lightly loaded traffic environment; real-time setting; rogue access points; wireless local area network; wireless network interface controller; Communication system security; Computer hacking; Fingerprint recognition; Monitoring; Training; Wireless LAN; Wireless communication; Beacon Frames; Rogue Access Point; WIDS; WLAN;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems, Applications and Technology Conference (LISAT), 2015 IEEE Long Island

Conference_Location

Farmingdale, NY

Type

conf

DOI

10.1109/LISAT.2015.7160206

Filename

7160206