We propose a simple, passive and deployable approach for fingerprinting traffic on the wired side as a solution for three critical stealth attacks in wireless networks. We focus on extracting traces of the 802.11 medium access control (MAC) protocol from the temporal arrival patterns of incoming traffic streams as seen on the wired side, to identify attacker behavior. Attacks addressed include unauthorized access points, selfish behavior at the MAC layer and MAC layer covert timing channels. We employ the Bayesian binning technique as a means of classifying between delay distributions. The scheme requires no change to the 802.11 nodes or protocol, exhibits minimal computational overhead and offers a single point of discovery. We evaluate our model using experiments and simulations.
| Identifer | oai:union.ndltd.org:GEORGIA/oai:digitalarchive.gsu.edu:cs_theses-1056 |
| Date | 20 November 2008 |
| Creators | Venkataraman, Aravind |
| Publisher | Digital Archive @ GSU |
| Source Sets | Georgia State University |
| Detected Language | English |
| Type | text |
| Format | application/pdf |
| Source | Computer Science Theses |
Page generated in 0.0012 seconds