The Identification of Rogue Access Points Using Channel State Information

Today\u27s wireless networks (Wi-Fi) handle more significant numbers of connections, deploy efficiently, and provide increased reliability and high speeds at low cost. The ability of rogue access points (RAPs) to mimic legitimate APs makes them the most critical threat to wireless security. APs are found in coffee shops, supermarkets, stadiums, buses, trains, airports, hospitals, theaters, and shopping malls. Rogue access points (RAP) are unauthorized devices that connect to legitimate access points and networks and bypass authorized security procedures. RAP detection has been attempted using hardware and software-based solutions requiring the developing of dedicated tools or beacon frame modification. (Arisandi, 2021). The effectiveness of software-based tools such as Aircrack-ng, Kismet, and InSSIDER is diminished as customized configurations are required for each environment. (VanSickle, 2019). Channel State Information (CSI) are characteristics of the communication link between a Wi-Fi transmitter and receiver and facilitates reliable communication in multi-antenna systems. The data contained in CSI can be analyzed and used to detect motion and activity based on interference in the line of sight (LoS) between the transmitter and receiver. CSI has been used to recognize human activity (Wang, 2015) and recognize differences in gaits based on the speed of motion (Wang, 2016). This paper proposes identifying RAPs by detecting differences in CSI characteristics due to interference in the (LoS) path between the Wi-Fi transmitter and the receiver

Context aware self-configuring wi-fi network

Wireless networks are increasingly popular among end users primarily to provide Internet access services. For this reason it is becoming easier to find highly congested zones with multiple wireless networks. Many of these networks use default settings which causes, in some cases, that some of communication channels in the 2.4GHz band are overused. This document presents the work done to design a context aware self-configuring system which is intended to improve the performance of independent WI-FI networks by avoiding the interference generated by neighboring wireless networks. For the realization of this system were carried out many experiments which show that wireless networks working on the same channels suffer interference among them that reduces the capacity of each network. In addition to these experiments multiple metrics were proposed in an attempt to predict the capacity of a channel. The number of interfering radios and the number of rogue data packets were the two proposed metric that better fit the needs for capacity forecast. From the obtained results a prototype that implements context aware self-configuring system was developed. The proposed algorithm uses a quality value which is calculated from the weighted sum of the two metrics explained before. This prototype was tested against two algorithms (random and static). The results show that the proposed system improves the mean Throughput of the wireless network under realistic conditions

A Dynamically Refocusable Sampling Infrastructure for 802.11 Networks

The edge of the Internet is increasingly wireless. Enterprises large and small, homeowners, and even whole cities have deployed Wi-Fi networks for their users, and many users never need to--- or never bother to--- use the wired network. With the advent of high-throughput wireless networks (such as 802.11n) some new construction, even of large enterprise build- ings, may no longer be wired for Ethernet. To understand Internet traffic, then, we need to understand the wireless edge. Measuring Wi-Fi traffic, however, is challenging. It is insufficient to capture traffic in the access points, or upstream of the access points, because the activity of neighboring networks, ad hoc networks, and physical interference cannot be seen at that level. To truly understand the MAC-layer behavior, we need to capture frames from the air using Air Monitors (AMs) placed in the vicinity of the network. Such a capture is always a sample of the network activity, since it is physically impossible to capture a full trace: all frames from all channels at all times in all places. We have built a monitoring infrastructure that captures frames from the 802.11 network. This infrastructure includes several channel sampling strategies that will capture repre- sentative traffic from the network. Further, the monitoring infrastructure needs to modify its behavior according to feedback received from the downstream consumers of the captured traffic in case the analysis needs traffic of a certain type. We call this technique refocusing . The coordinated sampling technique improves the efficiency of the monitoring by utilizing the AMs intelligently. Finally, we deployed this measurement infrastructure within our Computer Science building to study the performance of the system with real network traffic

User-side wi-fi hotspot spoofing detection on android-based devices

A Dissertation Submitted in Partial Fulfilment of the Requirements for the Degree of Master’s in Wireless and Mobile Computing of the Nelson Mandela African Institution of Science and TechnologyNetwork spoofing is becoming a common attack in wireless networks. Similarly, there is a rapid growth of numbers in mobile devices in the working environments. The trends pose a huge threat to users since they become the prime target of attackers. More unfortunately, mobile devices have weak security measures due to their limited computational powers, making them an easy target for attackers. Current approaches to detect spoofing attacks focus on personal computers and rely on the network hosts’ capacity, leaving users with mobile devices at risk. Furthermore, some approaches on Android-based devices demand root privilege, which is highly discouraged. This research aims to study users' susceptibility to network spoofing attacks and propose a detection solution in Android-based devices. The presented approach considers the difference in security information and signal levels of an access point to determine its legitimacy. On the other hand, it tests the legitimacy of the captive portal with fake login credentials since, usually, fake captive portals do not authenticate users. The detection approaches are presented in three networks: (a) open networks, (b) closed networks and (c) networks with captive portals. As a departure from existing works, this solution does not require root access for detection, and it is developed for portability and better performance. Experimental results show that this approach can detect fake access points with an accuracy of 98% and 99% at an average of 24.64 and 7.78 milliseconds in open and closed networks, respectively. On the other hand, it can detect the existence of a fake captive portal at an accuracy of 88%. Despite achieving this performance, the presented detection approach does not cover APs that do not mimic legitimate APs. As an improvement, future work may focus on pcap files which is rich of information to be used in detection

An Architectural Metrics Scorecard Based Approach to Intrusion Detection System Evaluation for Wireless Network

Wireless IDS architectural metrics are used to compare the intended scope, architecture of wireless IDS, and how they match the deployment architecture. These metrics can be used to evaluate the architectural efficiency of a wireless IDS and can help in designing efficient wireless IDS. Wireless IDS analyze wireless specific traffic including scanning for external users trying to connect to the network through access points and play important role in security to wireless network. Design of wireless IDS is a difficult task as wireless technology is advancing every day, Architectural metrics can play an important role in the design of wireless IDS by measuring the areas concern with the architecture of a wireless IDS. In this paper we describe a set of architectural metrics that are relevant to wireless IDS. A 201C;scorecard201D; containing the set of values is used as the centerpiece of testing and evaluating a wireless IDS. Evaluation of a wireless IDS can be done by assigning score to various architectural metrics concern with wireless IDS. We apply our architectural metrics scorecard based evaluation approach to three popular wireless IDS Snort-wireless, AirDefense Guard, and Kismet. Finally we discuss the results and the opportunities for further work in this area

Characteriscts of FSO Channel in WIFO

With explosive growth of Internet access from smart phones and tablets, increasing bandwidth for WIFI system is badly needed. Depending on two years’ research, we produced a novel communication system called WIFO system, which integrates both RF (Radio Frequency) and FSO (Free Space Optical) techniques. WIFO system can significantly increase the wireless capacities due to retaining the mobility offered by WIFI systems. According to our research, the potential bandwidth of WIFO could be at least 50Mbits/sec, which is much more advanced compared to existing WIFI system. In this thesis, we are not going to focus much on the mechanisms of WIFO system, but on the characteristics of FSO channel. Since the WIFO system mainly depends on the FSO (LED) channel, it is necessary to characterize it. In hence, this Thesis will analyze FSO (LED) channel via measuring the bit error rate in different situations and implementing Reed Solomen code to reduce transmitting errores

A wireless 802.11 condition monitoring sensor for electrical substation environments

The work reported in this thesis is concerned with the design, development and testing of a wireless 802.11 condition monitoring sensor for an electrical substation environments. The work includes a comprehensive literature review and the design and development of a novel continuous wireless data acquisition sensor. Laboratory and field tests were performed to evaluate the data acquisition performance of the developed wireless sensor. The sensor‟s wireless immunity to interference performance was also evaluated in laboratory and field tests. The literature survey reviews current condition monitoring practices in electrical substation environments with a focus on monitoring high voltage insulators and substation earth impedance. The data acquisition performance of the wireless sensor was tested in a laboratory using two artificially polluted insulators, in a fog chamber that applied clean fog. Analysis of the test results were found to be in good agreement with those recorded directly through a data acquisition card and transmitted via coaxial cable. The wireless impedance measurement of a 275kV transmission earth tower base field test was also performed and was found to be in agreement with previous published results from standard earth measurements. The sensor‟s wireless interference performance was evaluated at a field test site when no high voltage experiments were taking place. The sensors wireless interference performance was then tested in a laboratory environment before and during high voltage tests taking place. The results of these tests were compared to each other and to published results. These tests demonstrate the suitability of the sensor‟s design and its immunity to interference. The experimental work conducted using the developed wireless sensor has led to an understanding that continuous wireless data acquisition is possible in high voltage environments. However, novel condition monitoring systems that make use of such wireless sensors, have to take into account data losses and delays adequately. Furthermore, a solar power source was designed and constructed to be used for outdoor substation applications and the solar battery charging performance of the wireless sensor was tested in a solar laboratory.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

A wireless 802.11 condition monitoring sensor for electrical substation environments

The work reported in this thesis is concerned with the design, development and testing of a wireless 802.11 condition monitoring sensor for an electrical substation environments. The work includes a comprehensive literature review and the design and development of a novel continuous wireless data acquisition sensor. Laboratory and field tests were performed to evaluate the data acquisition performance of the developed wireless sensor. The sensor‟s wireless immunity to interference performance was also evaluated in laboratory and field tests. The literature survey reviews current condition monitoring practices in electrical substation environments with a focus on monitoring high voltage insulators and substation earth impedance. The data acquisition performance of the wireless sensor was tested in a laboratory using two artificially polluted insulators, in a fog chamber that applied clean fog. Analysis of the test results were found to be in good agreement with those recorded directly through a data acquisition card and transmitted via coaxial cable. The wireless impedance measurement of a 275kV transmission earth tower base field test was also performed and was found to be in agreement with previous published results from standard earth measurements. The sensor‟s wireless interference performance was evaluated at a field test site when no high voltage experiments were taking place. The sensors wireless interference performance was then tested in a laboratory environment before and during high voltage tests taking place. The results of these tests were compared to each other and to published results. These tests demonstrate the suitability of the sensor‟s design and its immunity to interference. The experimental work conducted using the developed wireless sensor has led to an understanding that continuous wireless data acquisition is possible in high voltage environments. However, novel condition monitoring systems that make use of such wireless sensors, have to take into account data losses and delays adequately. Furthermore, a solar power source was designed and constructed to be used for outdoor substation applications and the solar battery charging performance of the wireless sensor was tested in a solar laboratory