Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IMC
2007
ACM
2007
ACM
Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs
Rogue (unauthorized) wireless access points pose serious security threats to local networks. In this paper, we propose two online algorithms to detect rogue access points using sequential hypothesis tests applied to packet-header data collected passively at a monitoring point. One algorithm requires training sets, while the other does not. Both algorithms extend our earlier TCP ACK-pair technique to differentiate wired and wireless LAN TCP traffic, and exploit the fundamental properties of the 802.11 CSMA/CA MAC protocol and the half duplex nature of wireless channels. Our algorithms make prompt decisions as TCP ACK-pairs are observed, and only incur minimum computation and storage overhead. We have built a system for online rogue-accesspoint detection using these algorithms and deployed it at a university gateway router. Extensive experiments in various scenarios have demonstrated the excellent performance of our approach: the algorithm that requires training provides rapid detectio...
Real-time Traffic| Added | 26 Oct 2010 |
| Updated | 26 Oct 2010 |
| Type | Conference |
| Year | 2007 |
| Where | IMC |
| Authors | Wei Wei, Kyoungwon Suh, Bing Wang, Yu Gu, Jim Kurose, Donald F. Towsley |
Comments (0)
Researcher Info
|
