Article

Detecting identity-based attacks in wireless networks using signalprints

Authors:

Daniel B. Faria,

David R. CheritonAuthors Info & Claims

WiSe '06: Proceedings of the 5th ACM workshop on Wireless security

Pages 43 - 52

https://doi.org/10.1145/1161289.1161298

Published: 28 September 2006 Publication History

Abstract

Wireless networks are vulnerable to many identity-based attacks in which a malicious device uses forged MAC addresses to masquerade as a specific client or to create multiple illegitimate identities. For example, several link-layer services in IEEE 802.11 networks have been shown to be vulnerable to such attacks even when 802.11i/1X and other security mechanisms are deployed. In this paper we show that a transmitting device can be robustly identified by its signalprint, a tuple of signal strength values reported by access points acting as sensors. We show that, different from MAC addresses or other packet contents, attackers do not have as much control regarding the signalprints they produce. Moreover, using measurements in a testbed network, we demonstrate that signalprints are strongly correlated with the physical location of clients, with similar values found mostly in close proximity. By tagging suspicious packets with their corresponding signalprints, the network is able to robustly identify each transmitter independently of packet contents, allowing detection of a large class of identity-based attacks with high probability.

References

[1]

LAN MAN Standards Committee of the IEEE Computer Society. Standard for Port based Network Access Control. Technical Report Draft P802.1X/D11, IEEE Computer Society, Mar. 2001.

[2]

LAN MAN Standards Committee of the IEEE Computer Society. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications - Amendment 6: Medium Access Control (MAC) Security Enhancements. Technical Report 2004 Edition, IEEE Std 802.11i, July 2004.

[3]

M. Abadi, M. Burrows, and T. Wobber. Moderately Hard, Memory-Bound Functions. In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, USA, Feb. 2003.

[4]

P. Bahl and V. N. Padmanabhan. RADAR: An In-Building RF-Based User Location and Tracking System. In Proc. of IEEE INFOCOM, Tel-Aviv, Israel, Mar. 2000.

[5]

J. Bellardo and S. Savage. 802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions. In Proceedings of the USENIX Security Symposium, Washington, DC, USA, Aug. 2003.

Digital Library

[6]

P. Calhoun, M. Montemurro, and D. Stanley. CAPWAP Protocol Specification. IETF Internet Draft, draft-ietf-capwap-protocol-specification-01, May 2006.

[7]

D. Dean and A. Stubblefield. Using Client Puzzles to Protect TLS. In Proceedings of the Tenth USENIX Security Symposium, Washington, DC, USA, Aug. 2001.

Digital Library

[8]

M. Demirbas and Y. Song. An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks. In Proc. of International Workshop on Advanced Experimental Activities on Wireless Networks and Systems, June 2006.

Digital Library

[9]

K. J. Ellis and N. Serinken. Characteristics of Radio Transmitter Fingerprints. Radio Science, 36:585--598, 2001.

[10]

M. Gruteser and D. Grunwald. Enhancing Location Privacy in Wireless LAN Through Disposable Interface Identifiers: A Quantitative Analysis. Mobile Networks and Applications, 10(3):315--325, June 2005.

Digital Library

[11]

A. Haeberlen, E. Flannery, A. M. Ladd, A. Rudys, D. S. Wallach, and L. Kavraki. Practical Robust Localization over Large-Scale 802.11 Wireless Networks. In Proc. of ACM MobiCom, Philadelphia, PA, Sept. 2004.

Digital Library

[12]

J. Hall, M. Barbeau, and E. Kranakis. Enhancing Intrusion Detection in Wireless Networks Using Radio Frequency Fingerprinting. In Proc. of The IASTED Conference on Communications, Internet and Information Technology, Nov. 2004.

[13]

H. Hashemi. The Indoor Radio Propagation Channel. Proceedings of IEE, 81(7):943--968, July 1993.

[14]

J. Hightower, R. Want, and G. Borriello. SpotON: An Indoor 3D Location Sensing Technology Based on RF Signal Strength. Technical Report UW CSE 2000-02-02, University of Washington, Feb. 2000.

[15]

A. Juels and J. Brainard. Client Puzzles: A Cryptographic Defense Against Connection Depletion Attacks. In Proceedings of the Network and Distributed System Security Symposium (NDSS), pages 151--165, San Diego, USA, Feb. 1999.

[16]

D. Kotz and K. Essien. Analysis of a Campus-wide Wireless Network. In Proc. of ACM MobiCom, pages 107--118, Atlanta, GA, Sept. 2002.

Digital Library

[17]

A. M. Ladd, K. E. Bekris, A. Rudys, G. Marceau, L. E. Kavraki, and D. S. Wallach. Robotics-Based Location Sensing using Wireless Ethernet. In Proc. of ACM MobiCom, Atlanta, GA, USA, Sept. 2002.

Digital Library

[18]

T. S. Rappaport. Wireless Communications - Principles and Practice. Prentice Hall PTR, 2nd edition, Jan. 2002.

Digital Library

[19]

M. J. Riezenman. Cellular security: better, but foes still lurk. IEEE Spectrum, 37(6):39--42, June 2000.

Digital Library

[20]

T. Roos, P. Myllymäki, H. Tirri, P. Misikangas, and J. Sievänen. A Probabilistic Approach to WLAN User Location Estimation. International Journal of Wireless Information Networks, 9(3):155--164, July 2002.

[21]

P. Tao, A. Rudys, A. Ladd, and D. S. Wallach. Wireless LAN Location-Sensing for Security Applications. In Proc. of the Second ACM Workshop on Wireless Security (WiSe'03), pages 11--20, Sept. 2003.

Digital Library

[22]

O. Ureten and N. Serinken. Detection of Radio Transmitter Turn-On Transients. Electronic Letters, 35(23):1996--1997, Nov. 1999.

[23]

O. Ureten and N. Serinken. Bayesian Detection of Wi-Fi Transmitter RF Fingerprints. Electronic Letters, 41(6):373--374, Mar. 2006.

[24]

M. Youssef and A. Agrawala. The Horus WLAN Location Determination System. In Proc. of ACM/USENIX Mobisys, Seattle, WA, June 2005.

Digital Library

Cited By

Meng RXu BXu XSun MWang BHan SLv SZhang P(2025)A survey of Machine Learning-based Physical-Layer Authentication in wireless communicationsJournal of Network and Computer Applications10.1016/j.jnca.2024.104085235(104085)Online publication date: Mar-2025
https://doi.org/10.1016/j.jnca.2024.104085
Huang JLiu BMiao CZhang XLiu JSu LLiu ZGu Y(2024)PhyFinAtt: An Undetectable Attack Framework Against PHY Layer Fingerprint-Based WiFi AuthenticationIEEE Transactions on Mobile Computing10.1109/TMC.2023.333895423:7(7753-7770)Online publication date: Jul-2024
https://doi.org/10.1109/TMC.2023.3338954
Tomovic SKrivokapic BRadusinovic I(2024)CNN-Based Physical Layer Authentication Method for Underwater Acoustic Sensor Networks2024 32nd Telecommunications Forum (TELFOR)10.1109/TELFOR63250.2024.10819076(1-4)Online publication date: 26-Nov-2024
https://doi.org/10.1109/TELFOR63250.2024.10819076
Show More Cited By

Index Terms

Detecting identity-based attacks in wireless networks using signalprints
1. Networks
  1. Network properties
    1. Network range
      1. Local area networks
      2. Wide area networks
  2. Network services
    1. Network monitoring

Recommendations

Defending against false-endorsement-based dos attacks in wireless sensor networks
WiSec '08: Proceedings of the first ACM conference on Wireless network security

Node compromise is a serious threat in wireless sensor networks. An adversary can use compromised sensor nodes to inject false data to deceive the base station or he can try to deplete the energy resources of the sensor nodes. One approach to mitigate ...
Energy-efficient link-layer jamming attacks against wireless sensor network MAC protocols
SASN '05: Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks

A typical wireless sensor node has little protection against radio jamming. The situation becomes worse if energy-efficient jamming can be achieved by exploiting knowledge of the data link layer. Encrypting the packets may help prevent the jammer from ...
Detection of man-in-the-middle attacks using physical layer wireless security techniques

Compared with a wired network, a wireless network is not protected by the cable transmission medium. Information is broadcasted over the air and it can be intercepted by anyone within the transmission range. Even though the transmissions could ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSe '06: Proceedings of the 5th ACM workshop on Wireless security

September 2006

115 pages

ISBN:1595935576

DOI:10.1145/1161289

Conference Chairs:
Radha Poovendran
University of Washington
,
Ari Juels
RSA Laboratories

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 September 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

DIWANS06

Sponsor:

SIGMOBILE

DIWANS06: Workshop on Dependability Issues in Wireless Ad Hoc Networks and Sensor Networks 2006

September 29, 2006

California, Los Angeles

Acceptance Rates

Overall Acceptance Rate 10 of 41 submissions, 24%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

219
Total Citations
View Citations
2,480
Total Downloads

Downloads (Last 12 months)44
Downloads (Last 6 weeks)7

Reflects downloads up to 28 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Meng RXu BXu XSun MWang BHan SLv SZhang P(2025)A survey of Machine Learning-based Physical-Layer Authentication in wireless communicationsJournal of Network and Computer Applications10.1016/j.jnca.2024.104085235(104085)Online publication date: Mar-2025
https://doi.org/10.1016/j.jnca.2024.104085
Huang JLiu BMiao CZhang XLiu JSu LLiu ZGu Y(2024)PhyFinAtt: An Undetectable Attack Framework Against PHY Layer Fingerprint-Based WiFi AuthenticationIEEE Transactions on Mobile Computing10.1109/TMC.2023.333895423:7(7753-7770)Online publication date: Jul-2024
https://doi.org/10.1109/TMC.2023.3338954
Tomovic SKrivokapic BRadusinovic I(2024)CNN-Based Physical Layer Authentication Method for Underwater Acoustic Sensor Networks2024 32nd Telecommunications Forum (TELFOR)10.1109/TELFOR63250.2024.10819076(1-4)Online publication date: 26-Nov-2024
https://doi.org/10.1109/TELFOR63250.2024.10819076
Wang RShi HHan KZhang P(2024)Physical Layer Authentication with Cascade Channel Characteristics in IRS-Assisted UAV Communication System2024 International Conference on Networking and Network Applications (NaNA)10.1109/NaNA63151.2024.00059(317-320)Online publication date: 9-Aug-2024
https://doi.org/10.1109/NaNA63151.2024.00059
Lv LXu DQingyang Hu RYe YYang LLei XWang XIn Kim DNallanathan A(2024)Safeguarding Next-Generation Multiple Access Using Physical Layer Security Techniques: A TutorialProceedings of the IEEE10.1109/JPROC.2024.3420127112:9(1421-1466)Online publication date: Oct-2024
https://doi.org/10.1109/JPROC.2024.3420127
Zhang GHu QZhang YDai YJiang T(2024)Lightweight Cross-Domain Authentication Scheme for Securing Wireless IoT Devices Using Backscatter CommunicationIEEE Internet of Things Journal10.1109/JIOT.2024.337847611:12(22021-22035)Online publication date: 15-Jun-2024
https://doi.org/10.1109/JIOT.2024.3378476
Itaya SOhori FOsuga TMatsumura T(2024)Detecting Predictability in Multi-Sensor Monitoring of Indoor Wireless Communication Environment2024 IEEE International Conference on Consumer Electronics (ICCE)10.1109/ICCE59016.2024.10444296(1-2)Online publication date: 6-Jan-2024
https://doi.org/10.1109/ICCE59016.2024.10444296
Tomović SKrivokapić BNađ ÐRadusinović I(2024)BEKMP: A Blockchain-Enabled Key Management Protocol for Underwater Acoustic Sensor NetworksIEEE Access10.1109/ACCESS.2024.340589012(74108-74125)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3405890
Lourme OGrimaud GHauspie M(2023)ZBDS2023: A multi location Zigbee dataset to build innovative IoT Intrusion Detection Systems2023 19th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob)10.1109/WiMob58348.2023.10187745(84-91)Online publication date: 21-Jun-2023
https://doi.org/10.1109/WiMob58348.2023.10187745
Liu CZhao RShi TWang H(2023)Node Authentication for Underwater Sensor Networks Based on Time Reversal and LinUCBOCEANS 2023 - Limerick10.1109/OCEANSLimerick52467.2023.10244452(1-5)Online publication date: 5-Jun-2023
https://doi.org/10.1109/OCEANSLimerick52467.2023.10244452
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten