A passive approach to rogue access point detection

A Passive Approach to Rogue Access Point Detection. IEEE GLOBECOM 2007. Lanier Watkins, Raheem Beyah, Cherita Corbett. 20083150 김진석.


Presentation Transcript


A Passive Approach to Rogue Access Point Detection

IEEE GLOBECOM 2007

Lanier Watkins

Raheem Beyah

Cherita Corbett

20083150 김진석


Contents

  • Introduction

  • Related Works

  • Main Idea

  • Experiment and Result

  • Conclusion

  • Discussion



Introduction

  • Rogue AP?

    • Unauthorized AP

    • Produces Security Vulnerabilities

    • Unmonitored Point of Entry (to Private Network)

  • Detection

    • Difficult to Detect

    • Hidden AP (Location and No Broadcasting)

    • No Information from Rogue AP and Offender



Introduction

  • RTT?

    • Round Trip Time

    • Time Between Sending Packet and Receiving Response

    • Related Works

      • Optimization of Protocol for Link Characteristic

      • RTT in QoS Issue



Related works

  • Wireless vs. Wired

  • Active vs. Passive

  • Wired and Passive Approach!



Related works

  • Wireless vs. Wired

    • Wireless: Using APs, Sensors, Walking the Halls...

      • Time/Cost Consuming

      • Detection Time is Limited

      • Frequency Problem

      • Sensing Range

      • Disable the SSID Broadcasting

      • Low Signal Strength / Directional Antenna



Related works

  • Active vs. Passive

    • Active: Using Queries, New Packets

      • Network Load Increased

      • Rogue APs can Ignore Queries

    • Passive: MAC Address, Using Ack-pairs...

      • MAC Address can be spoofed/cloned

      • Converging time -> In In-line Deployment?



Main idea

  • Total delay = $d_{prop} + d_{trans} + d_{proc} + d_{queue}$

  • Total delay = $d_{trans}$ = packet size / capacity

  • Same Higher-layer Protocol (TCP/IP)

  • $d_{trans}$ -> Characteristic of Physical-Layer



Experiment

  • Very Simple Testbed

  • No Other Traffic

  • Using Same Laptops for Node



Result

[Four figure-only slides]


Conclusion

  • Wireless nodes have greater RTT

  • RTT and Authorized AP Information

  • (Capacity) Wired >> Wireless

  • Result of DCF, Using Variation

  • Wired/Passive!
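
The main idea and conclusion above (local RTT observed passively on the wired side, combined with authorized AP information) can be sketched as follows; this is an added example, not code from the slides or the paper. The record format, the addresses, the 3x threshold factor and the minimum sample count are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import median

SERVER = "192.0.2.10"  # constructed outside peer

def build_capture():
    """Constructed records seen at a wired monitor: (time_s, src, dst, kind, num)."""
    delays = {"10.0.0.5": [0.00021, 0.00025, 0.00019, 0.00023],   # wired desk host
              "10.0.0.9": [0.0021, 0.0035, 0.0018, 0.0042],       # behind an authorized AP
              "10.0.0.23": [0.0026, 0.0019, 0.0051, 0.0030]}      # unknown attachment
    records, t = [], 0.0
    for host, samples in delays.items():
        for i, d in enumerate(samples):
            t, ack_no = t + 1.0, 1460 * (i + 1) + 1
            records += [(t, SERVER, host, "data", ack_no), (t + d, host, SERVER, "ack", ack_no)]
    # Retransmitted segment: its ACK cannot be tied to one copy, so no sample is taken.
    records += [(20.0, SERVER, "10.0.0.5", "data", 9001), (20.2, SERVER, "10.0.0.5", "data", 9001),
                (20.2003, "10.0.0.5", SERVER, "ack", 9001)]
    return records

def local_rtts(records, inside="10.0.0."):
    """Pair each data segment sent to an inside host with the ACK that covers it."""
    pending, rtts = {}, defaultdict(list)
    for t, src, dst, kind, num in records:
        if kind == "data" and dst.startswith(inside):
            key = (dst, src, num)
            pending[key] = None if key in pending else t   # None marks a retransmission
        elif kind == "ack" and src.startswith(inside):
            sent = pending.pop((src, dst, num), None)
            if sent is not None:
                rtts[src].append(t - sent)
    return rtts

def classify(rtts, wired_reference, authorized_wireless, factor=3.0, min_samples=3):
    """Label hosts by comparing median local RTT with a known wired host's median."""
    baseline = median(rtts[wired_reference])
    labels = {}
    for host, samples in rtts.items():
        if len(samples) < min_samples:
            labels[host] = "insufficient data"
        elif median(samples) <= factor * baseline:
            labels[host] = "wired"
        elif host in authorized_wireless:
            labels[host] = "wireless (authorized AP)"
        else:
            labels[host] = "wireless (rogue AP suspect)"
    return labels

if __name__ == "__main__":
    print(classify(local_rtts(build_capture()), "10.0.0.5", {"10.0.0.9"}))
```

On a real network the baseline and factor would have to be calibrated per site, which is the "Simple Test Bed -> Complex Network" concern raised in the discussion slide.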



Discussion

  • Limited to TCP/IP (Other Protocols?)

  • Simple Test Bed -> Complex Network

  • Computational Capacity of Nodes

  • Assumption : Wired >> Wireless = True?
