Abstract--Wireless networks are vulnerable to identity spoofing attacks, where an attacker can forge the MAC address of his wireless device to assume the identity of another victim device on the network. Identity spoofing allows an attacker to avail network services that are normally restricted to legitimate users. Prior techniques to detect such attacks rely on characteristics such as progressions of MAC sequence numbers. However, these techniques can wrongly classify benign flows as malicious with newer 802.11e wireless devices that allow multiple progressions of MAC sequence numbers from the same device. Several other techniques that rely on physical properties of transmitting devices are ineffective when the attacker and the victim are mobile. In this paper, we propose an architecture to robustly detect identity spoofing attacks under varying operating conditions. Our architecture employs a series of increasingly powerful detectors to identify or eliminate the possibility of an att...