摘要:The impersonation of wireless Access Point (AP) poses an unprecedented number of threats that can compromise a wireless client’s identity, personal data, and network integrity. The AP impersonation attack is conducted by establishing rogue AP with spoofed Service Set Identifier (SSID) and MAC address same as the target legitimate AP. Since these identities can be easily forged, there is no identifier can be used to identify the legitimate AP. Due to strong correlation between the AP signal strength and the distance, in this paper, we propose a client-centric AP spoofing detection framework by exploiting the statistical relationship of signal strength from the legitimate and rogue APs. We show the relationship between the signals can be determined by using two classical partitioning-based clustering methods, K-means and K-medoids analysis. The experimental results show that both analysis methods can achieve over 90% detection rate
关键词:Spoofing Attack;Wireless Network;K-Means;K-Medoids;Radio Signal Strength;AP Impersonation
