Abstract
In this work, we introduce a powerful hardware-based rogue access point (PrAP), which can relay traffic between a legitimate AP and a wireless station back and forth, and act as a man-in-the-middle attacker. Our PrAP is built of two dedicated wireless routers interconnected physically, and can relay traffic rapidly between a station and a legitimate AP. Through extensive experiments, we demonstrate that the state-of-the-art time-based rogue AP (rAP) detectors cannot detect our PrAP, although effective against software-based rAP. To defend against PrAPs, we propose PrAP-Hunter based on intentional channel interference. PrAP-Hunter is highly accurate, even under heavy traffic scenarios. Using a high-performance (desktop) and low-performance (mobile) experimental setups of our PrAP-Hunter in various deployment scenarios, we demonstrate close to 100% of detection rate, compared to 60% detection rate by the state-of-the-art. We show that PrAP-Hunter is fast (takes 5-10 sec), does not require any prior knowledge, and can be deployed in the wild by real world experiments at 10 coffee shops.
Original language | English |
---|---|
Title of host publication | Proceedings - IEEE 37th International Conference on Distributed Computing Systems, ICDCS 2017 |
Editors | Kisung Lee, Ling Liu |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 2515-2520 |
Number of pages | 6 |
ISBN (Electronic) | 9781538617915 |
DOIs | |
State | Published - 13 Jul 2017 |
Event | 37th IEEE International Conference on Distributed Computing Systems, ICDCS 2017 - Atlanta, United States Duration: 5 Jun 2017 → 8 Jun 2017 |
Publication series
Name | Proceedings - International Conference on Distributed Computing Systems |
---|
Conference
Conference | 37th IEEE International Conference on Distributed Computing Systems, ICDCS 2017 |
---|---|
Country/Territory | United States |
City | Atlanta |
Period | 5/06/17 → 8/06/17 |
Bibliographical note
Publisher Copyright:© 2017 IEEE.
Keywords
- Channel interference
- IEEE 802.11n
- Intrusion detection
- Rogue AP
- Wireless LAN