RIPPS: Rogue Identifying Packet Payload Slicer detecting unauthorized wireless hosts through network traffic conditioning

Chad D. Mano, Andrew Blaich, Qi Liao, Yingxin Jiang, David A. Cieslak, David C. Salyers, Aaron Striegel

Research output: Contribution to journalArticlepeer-review

45 Scopus citations

Abstract

Wireless network access has become an integral part of computing both at home and at the workplace. The convenience of wireless network access at work may be extremely beneficial to employees, but can be a burden to network security personnel. This burden is magnified by the threat of inexpensive wireless access points being installed in a network without the knowledge of network administrators. These devices, termed Rogue Wireless Access Points, may allow a malicious outsider to access valuable network resources, including confidential communication and other stored data. For this reason, wireless connectivity detection is an essential capability, but remains a difficult problem. We present a method of detecting wireless hosts using a local RTT metric and a novel packet payload slicing technique. The local RTT metric provides the means to identify physical transmission media while packet payload slicing conditions network traffic to enhance the accuracy of the detections. Most importantly, the packet payload slicing method is transparent to both clients and servers and does not require direct communication between the monitoring system and monitored hosts.

Original languageEnglish
Article number2
JournalACM Transactions on Information and System Security
Volume11
Issue number2
DOIs
StatePublished - May 1 2008

Keywords

  • Network security
  • Rogue systems
  • Traffic conditioning

Fingerprint

Dive into the research topics of 'RIPPS: Rogue Identifying Packet Payload Slicer detecting unauthorized wireless hosts through network traffic conditioning'. Together they form a unique fingerprint.

Cite this