Detecting Access Point Spoofing Attacks Using Partitioning-based Clustering
作者: Nazrul M. Ahmad , Anang Hudaya Muhamad Amin , Subarmaniam Kannan , Mohd Faizal Abdollah , Robiah Yusof
DOI: 10.4304/JNW.9.12.3470-3477
关键词: Computer network 、 Spoofing attack 、 k-medoids 、 Cluster analysis 、 Wireless access point 、 Computer science 、 Service set 、 Identifier 、 Wireless network 、 MAC address
摘要: The impersonation of wireless Access Point (AP) poses an unprecedented number threats that can compromise a client’s identity, personal data, and network integrity. AP attack is conducted by establishing rogue with spoofed Service Set Identifier (SSID) MAC address same as the target legitimate AP. Since these identities be easily forged, there no identifier used to identify Due strong correlation between signal strength distance, in this paper, we propose client-centric spoofing detection framework exploiting statistical relationship from APs. We show signals determined using two classical partitioning-based clustering methods, K-means K-medoids analysis. experimental results both analysis methods achieve over 90% rate
i-scholar.in参考文章(17)
Mark H. Looi, Jason Smith, Rupinder S. Gill, Andrew J. Clark, Passive Techniques for Detecting Session Hijacking Attacks in IEEE 802.11 Wireless Networks AusCERT Asia Pacific Information Technology Security Conference: Refereed R&D Stream: Proceedings. ,(2005)
Finding Groups in Data John Wiley & Sons, Inc.. ,(1990) , 10.1002/9780470316801
Daisuke Takahashi, Yang Xiao, Yan Zhang, Periklis Chatzimisios, Hsiao-Hwa Chen, IEEE 802.11 user fingerprinting and its applications for intrusion detection Computers & Mathematics With Applications. ,vol. 60, pp. 307- 318 ,(2010) , 10.1016/J.CAMWA.2010.01.002
Liran Ma, Amin Y. Teymorian, Xiuzhen Cheng, Min Song, RAP: protecting commodity wi-fi networks from rogue access points international conference on heterogeneous networking for quality reliability security and robustness. pp. 21- ,(2007) , 10.1145/1577222.1577252
Davide Papini, Lightweight MAC-spoof detection exploiting received signal power and median filtering International Journal of Critical Computer-based Systems. ,vol. 3, pp. 247- 261 ,(2012) , 10.1504/IJCCBS.2012.053204
Jie Yang, Yingying Chen, W. Trappe, J. Cheng, Detection and Localization of Multiple Spoofing Attackers in Wireless Networks IEEE Transactions on Parallel and Distributed Systems. ,vol. 24, pp. 44- 58 ,(2013) , 10.1109/TPDS.2012.104
Taebeom Kim, Haemin Park, Hyunchul Jung, Heejo Lee, Online Detection of Fake Access Points Using Received Signal Strengths 2012 IEEE 75th Vehicular Technology Conference (VTC Spring). pp. 1- 5 ,(2012) , 10.1109/VETECS.2012.6240312
Yimin Song, Chao Yang, Guofei Gu, Who is peeping at your passwords at Starbucks? — To catch an evil twin access point dependable systems and networks. pp. 323- 332 ,(2010) , 10.1109/DSN.2010.5544302
J. B. Macqueen, Some methods for classification and analysis of multivariate observations Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, Volume 1: Statistics. ,vol. 1, pp. 281- 297 ,(1967)
Y. Sheng, K. Tan, G. Chen, D. Kotz, A. Campbell, Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength international conference on computer communications. pp. 1768- 1776 ,(2008) , 10.1109/INFOCOM.2008.239