• Documents
  • Authors
  • Tables
  • Log in
  • Sign up
  • MetaCart
  • DMCA
  • Donate

CiteSeerX logo

Advanced Search Include Citations
Advanced Search Include Citations | Disambiguate

DMCA

Detecting 802.11 MAC layer spoofing using received signal strength (2007)

Cached

  • Download as a PDF

Download Links

  • [www.cs.dartmouth.edu]
  • [www.cs.uml.edu]
  • [www.cs.dartmouth.edu]
  • [www.cs.dartmouth.edu]
  • [www.cs.dartmouth.edu]
  • [www.cs.dartmouth.edu]
  • [www1.cs.dartmouth.edu]
  • [www.cs.dartmouth.edu]
  • [www.ists.dartmouth.edu]

  • Save to List
  • Add to Collection
  • Correct Errors
  • Monitor Changes
by Yong Sheng , Keren Tan , Guanling Chen , David Kotz , Andrew Campbell
Citations:53 - 5 self
  • Summary
  • Citations
  • Active Bibliography
  • Co-citation
  • Clustered Documents
  • Version History

BibTeX

@MISC{Sheng07detecting802.11,
    author = {Yong Sheng and Keren Tan and Guanling Chen and David Kotz and Andrew Campbell},
    title = {Detecting 802.11 MAC layer spoofing using received signal strength},
    year = {2007}
}

Share

Facebook Twitter Reddit Bibsonomy

OpenURL

 

Abstract

Abstract — MAC addresses can be easily spoofed in 802.11 wireless LANs. An adversary can exploit this vulnerability to launch a large number of attacks. For example, an attacker may masquerade as a legitimate access point to disrupt network services or to advertise false services, tricking nearby wireless stations. On the other hand, the received signal strength (RSS) is a measurement that is hard to forge arbitrarily and it is highly correlated to the transmitter’s location. Assuming the attacker and the victim are separated by a reasonable distance, RSS can be used to differentiate them to detect MAC spoofing, as recently proposed by several researchers. By analyzing the RSS pattern of typical 802.11 transmitters in a 3-floor building covered by 20 air monitors, we observed that the RSS readings followed a mixture of multiple Gaussian distributions. We discovered that this phenomenon was mainly due to antenna diversity, a widely-adopted technique to improve the stability and robustness of wireless connectivity. This observation renders existing approaches ineffective because they assume a single RSS source. We propose an approach based on Gaussian mixture models, building RSS profiles for spoofing detection. Experiments on the same testbed show that our method is robust against antenna diversity and significantly outperforms existing approaches. At a 3 % false positive rate, we detect 73.4%, 89.6 % and 97.8 % of attacks using the three proposed algorithms, based on local statistics of a single AM, combining local results from AMs, and global multi-AM detection, respectively. I.

Keyphrases

mac layer    signal strength    nearby wireless station    false service    widely-adopted technique    legitimate access point    r profile    air monitor    received signal strength    large number    local statistic    wireless connectivity    wireless lan    local result    transmitter location    reasonable distance    antenna diversity    network service    false positive rate    multiple gaussian distribution    testbed show    r pattern    gaussian mixture model    single r source    several researcher    r reading    3-floor building    global multi-am detection    abstract mac address   

Powered by: Apache Solr
  • About CiteSeerX
  • Submit and Index Documents
  • Privacy Policy
  • Help
  • Data
  • Source
  • Contact Us

Developed at and hosted by The College of Information Sciences and Technology

© 2007-2019 The Pennsylvania State University