Rogue Access Point Detector Using Characteristics of Channel Overlapping in 802.11n

Rhongho Jang, Jeonil Kang, Aziz Mohaisen, Daehun Nyang

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Scopus citations

Abstract

In this work, we introduce a powerful hardware-based rogue access point (PrAP), which can relay traffic between a legitimate AP and a wireless station back and forth, and act as a man-in-the-middle attacker. Our PrAP is built of two dedicated wireless routers interconnected physically, and can relay traffic rapidly between a station and a legitimate AP. Through extensive experiments, we demonstrate that the state-of-the-art time-based rogue AP (rAP) detectors cannot detect our PrAP, although effective against software-based rAP. To defend against PrAPs, we propose PrAP-Hunter based on intentional channel interference. PrAP-Hunter is highly accurate, even under heavy traffic scenarios. Using a high-performance (desktop) and low-performance (mobile) experimental setups of our PrAP-Hunter in various deployment scenarios, we demonstrate close to 100% of detection rate, compared to 60% detection rate by the state-of-the-art. We show that PrAP-Hunter is fast (takes 5-10 sec), does not require any prior knowledge, and can be deployed in the wild by real world experiments at 10 coffee shops.

Original languageEnglish
Title of host publicationProceedings - IEEE 37th International Conference on Distributed Computing Systems, ICDCS 2017
EditorsKisung Lee, Ling Liu
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages2515-2520
Number of pages6
ISBN (Electronic)9781538617915
DOIs
StatePublished - 13 Jul 2017
Event37th IEEE International Conference on Distributed Computing Systems, ICDCS 2017 - Atlanta, United States
Duration: 5 Jun 20178 Jun 2017

Publication series

NameProceedings - International Conference on Distributed Computing Systems

Conference

Conference37th IEEE International Conference on Distributed Computing Systems, ICDCS 2017
Country/TerritoryUnited States
CityAtlanta
Period5/06/178/06/17

Bibliographical note

Publisher Copyright:
© 2017 IEEE.

Keywords

  • Channel interference
  • IEEE 802.11n
  • Intrusion detection
  • Rogue AP
  • Wireless LAN

Fingerprint

Dive into the research topics of 'Rogue Access Point Detector Using Characteristics of Channel Overlapping in 802.11n'. Together they form a unique fingerprint.

Cite this