ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Detecting identity-based attacks in wireless networks using signalprints
Full text PdfPdf (328 KB)
Source Workshop on Wireless Security archive
Proceedings of the 5th ACM workshop on Wireless security table of contents
Los Angeles, California
SESSION: Radio-layer security table of contents
Pages: 43 - 52  
Year of Publication: 2006
ISBN:1-59593-557-6
Authors
Daniel B. Faria  Stanford University
David R. Cheriton  Stanford University
Sponsor
SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 20,   Downloads (12 Months): 733,   Citation Count: 14
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1161289.1161298
What is a DOI?

ABSTRACT

Wireless networks are vulnerable to many identity-based attacks in which a malicious device uses forged MAC addresses to masquerade as a specific client or to create multiple illegitimate identities. For example, several link-layer services in IEEE 802.11 networks have been shown to be vulnerable to such attacks even when 802.11i/1X and other security mechanisms are deployed. In this paper we show that a transmitting device can be robustly identified by its signalprint, a tuple of signal strength values reported by access points acting as sensors. We show that, different from MAC addresses or other packet contents, attackers do not have as much control regarding the signalprints they produce. Moreover, using measurements in a testbed network, we demonstrate that signalprints are strongly correlated with the physical location of clients, with similar values found mostly in close proximity. By tagging suspicious packets with their corresponding signalprints, the network is able to robustly identify each transmitter independently of packet contents, allowing detection of a large class of identity-based attacks with high probability.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
LAN MAN Standards Committee of the IEEE Computer Society. Standard for Port based Network Access Control. Technical Report Draft P802.1X/D11, IEEE Computer Society, Mar. 2001.
 
2
LAN MAN Standards Committee of the IEEE Computer Society. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications - Amendment 6: Medium Access Control (MAC) Security Enhancements. Technical Report 2004 Edition, IEEE Std 802.11i, July 2004.
 
3
M. Abadi, M. Burrows, and T. Wobber. Moderately Hard, Memory-Bound Functions. In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, USA, Feb. 2003.
 
4
P. Bahl and V. N. Padmanabhan. RADAR: An In-Building RF-Based User Location and Tracking System. In Proc. of IEEE INFOCOM, Tel-Aviv, Israel, Mar. 2000.
 
5
J. Bellardo and S. Savage. 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions. In Proceedings of the USENIX Security Symposium, Washington, DC, USA, Aug. 2003.
 
6
P. Calhoun, M. Montemurro, and D. Stanley. CAPWAP Protocol Specification. IETF Internet Draft, draft-ietf-capwap-protocol-specification-01, May 2006.
 
7
D. Dean and A. Stubblefield. Using Client Puzzles to Protect TLS. In Proceedings of the Tenth USENIX Security Symposium, Washington, DC, USA, Aug. 2001.
 
8
Murat Demirbas , Youngwhan Song, An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks, Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks, p.564-570, June 26-29, 2006  [doi>10.1109/WOWMOM.2006.27]
 
9
K. J. Ellis and N. Serinken. Characteristics of Radio Transmitter Fingerprints. Radio Science, 36:585--598, 2001.
 
10
Marco Gruteser , Dirk Grunwald, Enhancing location privacy in wireless LAN through disposable interface identifiers: a quantitative analysis, Mobile Networks and Applications, v.10 n.3, p.315-325, June 2005  [doi>10.1007/s11036-005-6425-1]
11
Andreas Haeberlen , Eliot Flannery , Andrew M. Ladd , Algis Rudys , Dan S. Wallach , Lydia E. Kavraki, Practical robust localization over large-scale 802.11 wireless networks, Proceedings of the 10th annual international conference on Mobile computing and networking, September 26-October 01, 2004, Philadelphia, PA, USA  [doi>10.1145/1023720.1023728]
 
12
J. Hall, M. Barbeau, and E. Kranakis. Enhancing Intrusion Detection in Wireless Networks Using Radio Frequency Fingerprinting. In Proc. of The IASTED Conference on Communications, Internet and Information Technology, Nov. 2004.
 
13
H. Hashemi. The Indoor Radio Propagation Channel. Proceedings of IEE, 81(7):943--968, July 1993.
 
14
J. Hightower, R. Want, and G. Borriello. SpotON: An Indoor 3D Location Sensing Technology Based on RF Signal Strength. Technical Report UW CSE 2000-02-02, University of Washington, Feb. 2000.
 
15
A. Juels and J. Brainard. Client Puzzles: A Cryptographic Defense Against Connection Depletion Attacks. In Proceedings of the Network and Distributed System Security Symposium (NDSS), pages 151--165, San Diego, USA, Feb. 1999.
16
David Kotz , Kobby Essien, Analysis of a campus-wide wireless network, Proceedings of the 8th annual international conference on Mobile computing and networking, September 23-28, 2002, Atlanta, Georgia, USA  [doi>10.1145/570645.570659]
17
Andrew M. Ladd , Kostas E. Bekris , Algis Rudys , Lydia E. Kavraki , Dan S. Wallach , Guillaume Marceau, Robotics-based location sensing using wireless ethernet, Proceedings of the 8th annual international conference on Mobile computing and networking, September 23-28, 2002, Atlanta, Georgia, USA  [doi>10.1145/570645.570674]
 
18
Theodore Rappaport, Wireless Communications: Principles and Practice, Prentice Hall PTR, Upper Saddle River, NJ, 2001
 
19
Michael J. Riezenman, Cellular security: better, but foes still lurk, IEEE Spectrum, v.37 n.6, p.39-42, June 2000  [doi>10.1109/6.846096]
 
20
T. Roos, P. Myllymäki, H. Tirri, P. Misikangas, and J. Sievänen. A Probabilistic Approach to WLAN User Location Estimation. International Journal of Wireless Information Networks, 9(3):155--164, July 2002.
21
Ping Tao , Algis Rudys , Andrew M. Ladd , Dan S. Wallach, Wireless LAN location-sensing for security applications, Proceedings of the 2003 ACM workshop on Wireless security, September 19-19, 2003, San Diego, CA, USA  [doi>10.1145/941311.941314]
 
22
O. Ureten and N. Serinken. Detection of Radio Transmitter Turn-On Transients. Electronic Letters, 35(23):1996--1997, Nov. 1999.
 
23
O. Ureten and N. Serinken. Bayesian Detection of Wi-Fi Transmitter RF Fingerprints. Electronic Letters, 41(6):373--374, Mar. 2006.
24
Moustafa Youssef , Ashok Agrawala, The Horus WLAN location determination system, Proceedings of the 3rd international conference on Mobile systems, applications, and services, June 06-08, 2005, Seattle, Washington  [doi>10.1145/1067170.1067193]

CITED BY  14
Neal Patwari , Sneha K. Kasera, Robust location distinction using temporal link signatures, Proceedings of the 13th annual ACM international conference on Mobile computing and networking, September 09-14, 2007, Montréal, Québec, Canada
Loh Chin Choong Desmond , Cho Chia Yuan , Tan Chung Pheng , Ri Seng Lee, Identifying unique devices through wireless fingerprinting, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA
Ivan Martinovic , Frank A. Zdarsky , Jens B. Schmitt, Regional-based authentication against dos attacks in wireless networks, Proceedings of the 3rd ACM workshop on QoS and security for wireless and mobile networks, October 22-22, 2007, Chania, Crete Island, Greece
Weijia Jia , Dai Bin , Lin Liao, Architecture of secure cross-platform and network communications, Proceedings of the 2nd international conference on Ubiquitous information management and communication, January 31-February 01, 2008, Suwon, Korea
Ivan Martinovic , Frank A. Zdarsky , Matthias Wilhelm , Christian Wegmann , Jens B. Schmitt, Wireless client puzzles in IEEE 802.11 networks: security by wireless, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA
Zaffar I. Qureshi , Baber Aslam , Athar Mohsin , Yonus Javed, Using randomized association ID to detect and prevent spoofed PS-Poll based denial of service attacks in IEEE 802.11 WLANs, WSEAS TRANSACTIONS on COMMUNICATIONS, v.7 n.3, p.170-179, March 2008
Erwin Louis Carrow, InfoSec technology management of user space and services through security threat gateways, Proceedings of the 4th annual conference on Information security curriculum development, September 28-28, 2007, Kennesaw, Georgia
Vijay Srinivasan , John Stankovic , Kamin Whitehouse, Protecting your daily in-home activity information from a wireless snooping attack, Proceedings of the 10th international conference on Ubiquitous computing, September 21-24, 2008, Seoul, Korea
Erwin Louis Carrow, Puppetnets and botnets: information technology vulnerability exploits that threaten basic internet use, Proceedings of the 4th annual conference on Information security curriculum development, September 28-28, 2007, Kennesaw, Georgia
Junxing Zhang , Mohammad H. Firooz , Neal Patwari , Sneha K. Kasera, Advancing wireless link signatures for location distinction, Proceedings of the 14th ACM international conference on Mobile computing and networking, September 14-19, 2008, San Francisco, California, USA
Vladimir Brik , Suman Banerjee , Marco Gruteser , Sangho Oh, Wireless device identification with radiometric signatures, Proceedings of the 14th ACM international conference on Mobile computing and networking, September 14-19, 2008, San Francisco, California, USA
Ivan Martinovic , Paul Pichota , Jens B. Schmitt, Jamming for good: a fresh approach to authentic communication in WSNs, Proceedings of the second ACM conference on Wireless network security, March 16-19, 2009, Zurich, Switzerland
Kemal Bicakci , Bulent Tavli, Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks, Computer Standards & Interfaces, v.31 n.5, p.931-941, September, 2009
Liang Xiao , Larry J. Greenstein , Narayan B. Mandayam , Wade Trappe, Channel-based detection of Sybil attacks in wireless networks, IEEE Transactions on Information Forensics and Security, v.4 n.3, p.492-503, September 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.3 Network Operations
          Subjects: Network monitoring

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.5 Local and Wide-Area Networks


General Terms:
Design, Measurement, Security


Keywords:
IEEE 802.11., denial-of-service attacks, location-based services, security, wireless LANs

Collaborative Colleagues:
Daniel B. Faria: colleagues
David R. Cheriton: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player