Rogue access point detection using temporal traffic characteristics

Author

Beyah, Raheem ; Kangude, Shantanu ; Yu, George ; Strickland, Brian ; Copeland, John

Author_Institution

Sch. of Electr. & Comput. Eng., Georgia Inst. of Technol., Atlanta, GA, USA

Volume

4

fYear

2004

fDate

29 Nov.-3 Dec. 2004

Firstpage

2271

Abstract

As the cost of IEEE 802.11 hardware continues to fall, the appeal of inserting unauthorized wireless access into enterprise networks grows. These rogue access points (AP) expose the enterprise network to a barrage of security vulnerabilities in that they are typically connected to a network port behind the firewall. Most of the current approaches to detecting rogue AP are rudimentary and are easily evaded by hackers. We propose the use of temporal traffic characteristics to detect rogue AP at a central location. This detection is independent of the wireless technology (IEEE 802.11a, 802.11b, or 802.11g), is scalable, does not possess the inefficiencies of the current solutions, and is independent of the signal range of the rogue AP.

Keywords

IEEE standards; authorisation; business communication; computer network management; security of data; telecommunication security; wireless LAN; IEEE 802.11a; IEEE 802.11b; IEEE 802.11g; enterprise networks; network port; rogue access point detection; scalable detection; security vulnerabilities; signal range independence; temporal traffic characteristics; unauthorized wireless access; Communication system security; Communication system traffic; Computer hacking; Computer networks; Costs; Employment; Hardware; Network address translation; Telecommunication traffic; Wireless networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Telecommunications Conference, 2004. GLOBECOM '04. IEEE

Print_ISBN

0-7803-8794-5

Type

conf

DOI

10.1109/GLOCOM.2004.1378413

Filename

1378413