Sciweavers

WS
2006
ACM

Detecting identity-based attacks in wireless networks using signalprints

14 years 6 months ago
Detecting identity-based attacks in wireless networks using signalprints
Wireless networks are vulnerable to many identity-based attacks in which a malicious device uses forged MAC addresses to masquerade as a specific client or to create multiple illegitimate identities. For example, several link-layer services in IEEE 802.11 networks have been shown to be vulnerable to such attacks even when 802.11i/1X and other security mechanisms are deployed. In this paper we show that a transmitting device can be robustly identified by its signalprint, a tuple of signal strength values reported by access points acting as sensors. We show that, different from MAC addresses or other packet contents, attackers do not have as much control regarding the signalprints they produce. Moreover, using measurements in a testbed network, we demonstrate that signalprints are strongly correlated with the physical location of clients, with similar values found mostly in close proximity. By tagging suspicious packets with their corresponding signalprints, the network is able to ro...
Daniel B. Faria, David R. Cheriton
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where WS
Authors Daniel B. Faria, David R. Cheriton
Comments (0)