Detecting Wireless Identity Spoofs in Urban Settings, Based on Received Signal Strength Measurements

• Main Author: Pedersen, Øystein Aas
• Format: Others
• Language: English
• Published: Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk 2010
• Subjects: ntnudaim:5452; SIE7 kommunikasjonsteknologi; Telematikk
• Online Access: http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-11127

The most common gateway for executing attacks in 802.11 networks are the MACspoofing attack. Current Todays Wireless IDS implements different methods todetect MAC spoofing, but are particularly interested in using methods that arebased on characteristics that are considered unspoofable. One such characteristicis the received signal strength (RSS). Current research are often tested in officeenvironments only, and this work aims to test how the methods work in WirelessTrondheim’s urban environment. To research the effects, a wireless sensor networkwas made. A framework for treating captured data from the sensor network wasdeveloped that can be augmented with various detection methods for 802.11 basednetworks. A RSS detection method has been developed and tested with real testdata from an urban environment. A RSS based detection method was tested, andthe results depicts the challenges of using such methods in an urban environment.Results also show that existing statistically based RSS methods would work poorlyin such environments.