Detection of rogue devices in wireless networks

摘要: The need for robust access control mechanisms is paramount, especially in Wireless Local Area Network (WLAN)s and Wide (WWAN)s. Current authentication systems are vulnerable to device impersonation by rogue devices. Within cellular mobile networks, this threat actualized cloning cell phones, using the clones obtaining free services. A well known example Fidelity (WiFi)/802.11 networks Media Access Control (MAC) address spoofing. In case, an attacker captures MAC of authorized programs it into his device, order obtain unauthorized access. spoofing equally applicable Bluetooth (BT) ad-hoc networks. The underlying problem continued use List (ACL)s, based on a single malleable identifier, e.g. addresses. Given ease with which aforementioned attacks mounted, potential impact these there requirement that capable detecting attacks. What would prove useful associate identifier less characteristics. Hence, we explore feasibility Anomaly-based Intrusion Detection (ABID), makes device-based and/or user-based profiles ad dressing problem. For example, ABID system compare multiple instances device/user characteristics, associated given those corresponding profile. Deviations from pre-established thresholds be indicative or More specifically, Radio Frequency Fingerprinting (RFF) characterizing transceivers WiFi/802.11 BT wireless cards, i.e. create profiles, Hotelling's T 2 statistics classification purposes. Similarly, also investigate adoption User Mobility Pattern (UMP)s Instance-Based Learning (IBL) technique classification. Average detection rates 93% 94.5% (WiFi/802.11) support incorporating RFF, ABID, On other hand, UMPs similar purposes technically feasible. Thus, characteristics can exploited devices