| Sponsor: | N/A |
| Period: | June 2002 - July 2003 |
| Student: | Vishal Bhargava (graduated Summer 2003) |
On a wired network, physical authentication is implicitly provided by
access: if a user is able to plug a cable into a network socket, he
must have cleared other security checks such as the receptionist
and/or locked doors. In the case of a wireless local area network
(WLAN), the signal propagation is not limited by a fixed boundary, and
unauthorized access from outside the security perimeter is possible,
and in many instances facile. In this project, we use a probabilistic
technique for localization of users in a WLAN. The presented technique
is able to identify intruders based on their location, and thus
successfully defend a parking lot
attack. The approach relies
on a probabilistic mapping from received signal strength (RSSI) to
location.
Calibration inside and around the security perimeter must precede the localization phase. During the localization phase, the RSSI of all the WLAN users is measured by multiple monitoring stations positioned to provide an overlapping coverage of the area (the access points needed to provide the WLAN coverage can double as monitoring stations). A Bayesian technique is used to estimate the location of the unsuspecting mobile user, and the position estimate of each user is updated with every new RSSI measurement at any of the monitoring stations. The presented approach is server-based, i.e., it works without the knowledge or cooperation of the user being tracked, thereby enabling the proposed security application, as well as location-aware services. Validation of the concepts was implemented using an experimental testbed in an office environment. The results demonstrate the ability of the proposed technique to estimate the user location to a very high degree of accuracy.
Security Enhancements for Wireless LANs: Localizing the Active Attacker,MS Thesis, Dept. of Electrical and Computer Engineering, NC State University, August 2003.
Last modified: Tue Oct 17 13:19:21 EDT 2006