Rogue access point detection using segmental TCP jitter

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Rogue access point detection using segmental TCP jitter

Full text

Pdf (260 KB)

Source

International World Wide Web Conference archive
Proceeding of the 17th international conference on World Wide Web table of contents

Beijing, China

POSTER SESSION: Posters table of contents

Pages 1249-1250

Year of Publication: 2008

ISBN:978-1-60558-085-2

Authors

Gaogang XIE	Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
Tingting He	Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China
Guangxing Zhang	Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China

Sponsor

ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 15, Downloads (12 Months): 44, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1367497.1367750 What is a DOI?

ABSTRACT

Rogue Access Points (RAPs) pose serious security threats to local networks. An analytic model of prior probability distribution of Segmental TCP Jitter (STJ) is deduced from the mechanism of IEEE 802.11 MAC Distributed Coordinated Function (DCF) and used to differentiate the types of wire and WLAN connections which is the crucial step for RAPs detecting. STJ as the detecting metric can reflect more the characteristic of 802.11 MAC than ACK-Pair since it can eliminate the delay caused by packet transmission. The experiment on an operated network shows the average detection ratio of the algorithm with STJ is more than 92.8% and the average detection time is less than 1s with improvement of 20% and 60% over the detecting approach of ACK-Pair respectively. Farther more no WLAN training trace is needed in the detecting algorithm.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Beyah, S. Kangude. Rogue access point detection using temporal traffic characteristics. In: Proceedings of IEEE GLOBECOM'04, Dallas, Texas, USA, 2004:2271 2275
	2	Wei Wei , Kyoungwon Suh , Bing Wang , Yu Gu , Jim Kurose , Don Towsley, Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs, Proceedings of the 7th ACM SIGCOMM conference on Internet measurement, October 24-26, 2007, San Diego, California, USA [doi>10.1145/1298306.1298357]
	3	Chad D. Mano , Andrew Blaich , Qi Liao , Yingxin Jiang , David A. Cieslak , David C. Salyers , Aaron Striegel, RIPPS: Rogue Identifying Packet Payload Slicer Detecting Unauthorized Wireless Hosts Through Network Traffic Conditioning, ACM Transactions on Information and System Security (TISSEC), v.11 n.2, p.1-23, March 2008 [doi>10.1145/1330332.1330334]
	4	Wei Wei, Sharad Jaiswal, Jim Kurose, Don Towsley. Identifying 802.11 Traffic from Passive Measurements Using Iterative Bayesian Inference. In: Proceedings of IEEE INFOCOM'06, Barcelona, Catalunya, 2006: 1 12
	5	Tickoo O, Sikdar B. Queueing analysis and delay mitigation in IEEE 802.11 random access MAC based wireless networks. In: Proceedings of IEEE INFOCOM'04, HongKong, 2004: 1404 1413