
A Passive Approach to Rogue Access Point Detection

A Passive Approach to Rogue Access Point Detection. IEEE GLOBECOM 2007. Lanier Watkins, Raheem Beyah, Cherita Corbett. 20083150 김진석. Contents: Introduction, Related Works, Main Idea, Experiment and Result, Conclusion, Discussion. Rogue AP? Unauthorized AP; Produces Security Vulnerabilities


Presentation Transcript


  1. A Passive Approach to Rogue Access Point Detection
     IEEE GLOBECOM 2007
     Lanier Watkins, Raheem Beyah, Cherita Corbett
     20083150 김진석

  2. Contents
     • Introduction
     • Related Works
     • Main Idea
     • Experiment and Result
     • Conclusion
     • Discussion

  3. Introduction
     • Rogue AP?
     • Unauthorized AP
     • Produces Security Vulnerabilities
     • Unmonitored Point of Entry (to Private Network)
     • Detection
     • Difficult to Detect
     • Hidden AP (Location and No Broadcasting)
     • No Information from Rogue AP and Offender

  4. Introduction
     • RTT?
     • Round Trip Time
     • Time Between Sending Packet and Receiving Response
     • Related Works
     • Optimization of Protocol for Link Characteristic
     • RTT in QoS Issue

  5. Related Works
     • Wireless vs. Wired
     • Active vs. Passive
     • Wired and Passive Approach!

  6. Related Works
     • Wireless vs. Wired
     • Wireless: Using APs, Sensors, Walking the Halls..
     • Time/Cost Consuming
     • Detection Time is Limited
     • Frequency Problem
     • Sensing Range
     • Disable the SSID Broadcasting
     • Low Signal Strength / Directional Antenna

  7. Related Works
     • Active vs. Passive
     • Active: Using Queries, New Packets
     • Network Load Increased
     • Rogue APs can Ignore Queries
     • Passive: MAC Address, Using Ack-pairs..
     • MAC Address can be spoofed/cloned
     • Converging time -> In In-line Deployment?

  8. Main Idea
     • Total delay = $d_{prop} + d_{trans} + d_{proc} + d_{queue}$
     • Total delay = $d_{trans}$ = packet size / capacity
     • Same Higher-layer Protocol (TCP/IP)
     • $d_{trans}$ -> Characteristic of Physical-Layer

  9. Main Idea

  10. Experiment
     • Very Simple Testbed
     • No Other Traffic
     • Using Same Laptops for Node

  11. Result

  12. Result

  13. Result

  14. Result

  15. Conclusion
     • Wireless nodes have greater RTT
     • RTT and Authorized AP Information
     • (Capacity) Wired >> Wireless
     • Result of DCF, Using Variation
     • Wired/Passive!

  16. Discussion
     • Limited to TCP/IP (Other Protocols?)
     • Simple Test Bed -> Complex Network
     • Computational Capacity of Nodes
     • Assumption: Wired >> Wireless = True?
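
The main idea on slide 8 and the conclusion on slide 15, as an added example that is not taken from the presentation or the paper: RTTs are derived passively from data/ACK pairs seen at a wired monitoring point and compared against known-wired hosts. The host addresses, the trace values and the `factor` threshold are constructed assumptions.

```python
import statistics
from collections import defaultdict

def d_trans(packet_bytes, capacity_bps):
    """Transmission delay in seconds: packet size / capacity (slide 8)."""
    return packet_bytes * 8 / capacity_bps

def passive_rtts(trace):
    """RTT per host from (time_s, src, dst, kind, number) tuples seen by a
    wired-side monitor; for "data", number is the ACK value it expects."""
    pending, rtts = {}, defaultdict(list)
    for t, src, dst, kind, number in sorted(trace):
        if kind == "data":
            pending.setdefault((dst, number), t)  # first transmission only
        elif (src, number) in pending:
            rtts[src].append(t - pending.pop((src, number)))
    return dict(rtts)

def classify(rtts, wired_baseline, factor=3.0):
    """Flag hosts whose median RTT exceeds factor x the known-wired median."""
    # factor is an assumed threshold, not a value from the paper.
    base = statistics.median(r for h in wired_baseline for r in rtts[h])
    return {
        host: {
            "median_ms": statistics.median(s) * 1e3,
            "stdev_ms": statistics.pstdev(s) * 1e3,  # DCF shows up as variation
            "suspect_wireless": statistics.median(s) > factor * base,
        }
        for host, s in rtts.items()
    }

def constructed_trace():
    """Constructed sample: two wired hosts and one host behind an AP."""
    delays = {
        "10.0.0.10": [0.00024, 0.00026, 0.00025, 0.00027],
        "10.0.0.11": [0.00022, 0.00028, 0.00025, 0.00026],
        "10.0.0.77": [0.0021, 0.0058, 0.0033, 0.0047],
    }
    trace = []
    for host, ds in delays.items():
        for i, d in enumerate(ds):
            t, ack = i * 0.1, 1460 * (i + 1)
            trace.append((t, "server", host, "data", ack))
            trace.append((t + d, host, "server", "ack", ack))
    return trace

if __name__ == "__main__":
    report = classify(passive_rtts(constructed_trace()), ["10.0.0.10", "10.0.0.11"])
    for host, row in report.items():
        print(host, row)
```

The baseline list plays the role of the authorized-host information mentioned on slide 15; on a busy network the threshold would have to be set from measured wired RTTs rather than the constructed values here.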
