Detecting, Locating, and Tracking Hacker Activities within a WLAN Network

With a good location estimation integrated into a Wi-Fi surveillance system, system administrator can closely monitor the network traffic as well as the behavior of the mobile users. Hence, there is a growing demand to have a quick and efficient way to indentify a specific group of people, or devices or asset within a controlled wireless network. In our proposed system, all the Wi-Fi traffic and information especially the MAC addresses and RSSI from the mobile clients (i.e. Wi-Fi devices) can be sniffed by an open-source Wi-Fi access point (AP) with custom-made embedded software program and without pre-loading any client program on the mobile user devices. These sniffed information is then analyzed and stored in a database which will help network administrator to monitor the wireless network for surveillance purpose and security concerns. In summary, this paper proposes a wireless LAN system that can detect, locate and track down wireless communication within the system by modifying the embedded software in off-the-shelf WLAN APs. Experiment results have shown that abnormal wireless activities can be detected and by our signal strength based localization algorithm, positions of these wireless mobile devices can be identified and be tracked within meters inside our WLAN system.