TY - JOUR
T1 - RIPPS
T2 - Rogue Identifying Packet Payload Slicer detecting unauthorized wireless hosts through network traffic conditioning
AU - Mano, Chad D.
AU - Blaich, Andrew
AU - Liao, Qi
AU - Jiang, Yingxin
AU - Cieslak, David A.
AU - Salyers, David C.
AU - Striegel, Aaron
PY - 2008/5/1
Y1 - 2008/5/1
N2 - Wireless network access has become an integral part of computing both at home and at the workplace. The convenience of wireless network access at work may be extremely beneficial to employees, but can be a burden to network security personnel. This burden is magnified by the threat of inexpensive wireless access points being installed in a network without the knowledge of network administrators. These devices, termed Rogue Wireless Access Points, may allow a malicious outsider to access valuable network resources, including confidential communication and other stored data. For this reason, wireless connectivity detection is an essential capability, but remains a difficult problem. We present a method of detecting wireless hosts using a local RTT metric and a novel packet payload slicing technique. The local RTT metric provides the means to identify physical transmission media while packet payload slicing conditions network traffic to enhance the accuracy of the detections. Most importantly, the packet payload slicing method is transparent to both clients and servers and does not require direct communication between the monitoring system and monitored hosts.
AB - Wireless network access has become an integral part of computing both at home and at the workplace. The convenience of wireless network access at work may be extremely beneficial to employees, but can be a burden to network security personnel. This burden is magnified by the threat of inexpensive wireless access points being installed in a network without the knowledge of network administrators. These devices, termed Rogue Wireless Access Points, may allow a malicious outsider to access valuable network resources, including confidential communication and other stored data. For this reason, wireless connectivity detection is an essential capability, but remains a difficult problem. We present a method of detecting wireless hosts using a local RTT metric and a novel packet payload slicing technique. The local RTT metric provides the means to identify physical transmission media while packet payload slicing conditions network traffic to enhance the accuracy of the detections. Most importantly, the packet payload slicing method is transparent to both clients and servers and does not require direct communication between the monitoring system and monitored hosts.
KW - Network security
KW - Rogue systems
KW - Traffic conditioning
UR - http://www.scopus.com/inward/record.url?scp=40049098504&partnerID=8YFLogxK
U2 - 10.1145/1330332.1330334
DO - 10.1145/1330332.1330334
M3 - Article
AN - SCOPUS:40049098504
VL - 11
JO - ACM Transactions on Information and System Security
JF - ACM Transactions on Information and System Security
SN - 1094-9224
IS - 2
M1 - 2
ER -