A Passive Approach to Rogue Access Point Detection

Author

Watkins, Lanier ; Beyah, Raheem ; Corbett, Cherita

Author_Institution

Georgia State Univ., Atlanta

fYear

2007

fDate

26-30 Nov. 2007

Firstpage

355

Lastpage

360

Abstract

Unauthorized or rogue access points (APs) produce security vulnerabilities in enterprise/campus networks by circumventing inherent security mechanisms. We propose to use the round trip time (RTT) of network traffic to distinguish between wired and wireless nodes. This information coupled with a standard wireless AP authorization policy allows the differentiation (at a central location) between wired nodes, authorized APs, and rogue APs. We show that the lower capacity and the higher variability in a wireless network can be used to effectively distinguish between wired and wireless nodes. Further, this detection is not dependant upon the wireless technology (802.11a, 802.11b, or 802.11g), is scalable, does not contain the inefficiencies of current solutions, remains valid as the capacity of wired and wireless links increase, and is independent of the signal range of the rogue APs.

Keywords

authorisation; business communication; local area networks; protocols; radiocommunication; telecommunication security; telecommunication traffic; enterprise/campus network; local area network; network traffic; rogue access point detection; round trip time; security vulnerabilities; wireless AP authorization policy; Authorization; Communication system security; Computer science; Computer security; Costs; Information security; National security; Probes; Telecommunication traffic; Wireless networks;

fLanguage

English

Publisher

ieee

Conference_Titel

Global Telecommunications Conference, 2007. GLOBECOM '07. IEEE

Conference_Location

Washington, DC

Print_ISBN

978-1-4244-1042-2

Electronic_ISBN

978-1-4244-1043-9

Type

conf

DOI

10.1109/GLOCOM.2007.73

Filename

4410983