A Hidden Markov Model based approach to detect rogue access points

Proceedings - IEEE Military Communications Conference MILCOM

Volumn , Issue , 2008, Pages

  Shivaraj, Gayathri ^a   Song, Min ^a   Shetty, Sachin ^a  

^a Old Dominion University   (United States)

Author keywords

Compromised rogue access points and denial of service; Hidden Markov Models; Rogue access points

Indexed keywords

COMPROMISED ROGUE ACCESS POINTS AND DENIAL OF SERVICE; DENIAL OF SERVICE ATTACKS; EXPERIMENTAL VALIDATIONS; FALSE NEGATIVES; FALSE POSITIVES; HEADER DATUM; INTER-ARRIVAL TIME; MARKOV MODELS; NETWORK ADMINISTRATORS; NON-INTRUSIVE; ROGUE ACCESS POINTS; ROUGE ACCESS POINTS; TRAFFIC CHARACTERISTICS;

COMPUTATIONAL GRAMMARS; COMPUTER CRIME; FREQUENCY ALLOCATION; GATEWAYS (COMPUTER NETWORKS); LOCAL AREA NETWORKS; MILITARY COMMUNICATIONS; OBJECT RECOGNITION; SECURITY OF DATA; TELECOMMUNICATION TRAFFIC; TRANSMISSION CONTROL PROTOCOL; WAVELET TRANSFORMS; WIRELESS LOCAL AREA NETWORKS (WLAN);

HIDDEN MARKOV MODELS;

EID: 62349140533     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MILCOM.2008.4753358     Document Type: Conference Paper

References (18)

1. White Paper, Rogue Access Point Detection: Automatically Detect and Manage Wireless Threats to your Network. [Online] Available at http://www.proxim.com.
2. Rim, M-S., Kang, H.-J., Hung, S.-C., Chung, S.-H., and Hong, J.W., "A Flow-based Method for Abnormal Network Traffic Detection," IEEE/IFIP Network Operations and Management Symopsium, Seoul, 2004.
3. Liran Ma, Amin Y. Teymorian, Xiuzhen Cheng, Min Song, "RAP: Protecting Commodity Wi-fi Networks from Rogue Access Points," International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness (QShine), August 2007, Vancouver, British Columbia.
4. "AirDefense enterprise: a wireless intrusion prevention system." [Online]. Available: http://www.airdefense.net/.
5. "AirMagnet: Enterprise WLAN management" [Online]. Available: http://www.airmagnet.com/.
6. A. Adya, P Bahl, R. Chandra, and L. Qui, "Architecture and techniques for diagnosing faults in IEEE 802.11 infrastruture networks", in MobiCom, 2004.
7. th International conference on Mobile systems, applications and services. New York, NY, 2006.
8. R. Beyah, S. Kangude, G. Yu, B. Stirckland, and J. Copeland, "Rogue access point detection using temporal traffic characteristics," In proc. Of GLOBECOM, Dallas, TX, 2004.
9. S. Shetty, M. Song, and L. Ma, "Rogue access point detection analysing network traffic characterstics," in MILCOM, Orlando, Florida, October 2007.
10. th ACM SIGCOMM conference on Internet measurement, New York, NY, 2007.
11. H. Yin, G. Chen, and J. Wang, "Detecting Protected Layer-3 Rogue APs," In Proc. Of the Fourth IEEE International Conference on Broadband Communications, Networks, and Systems, Raleigh, NC, September 2007.
12. N. Ye, "A Markov chain model of temporal behaviour for anomaly detection," the IEEE Systems Man and Cybernetics Information Assurance and Security Workshop, West Point, NY, 2000.
13. Y. Zheng, K. Lu, D.W. Fang, "Performance Analysis of IEEE 802.11 DCF in Imperfect Channels", IEEE Transactions on Vehicular Technology, Sep 2006.
14. K. Murphy, "Hidden Markov Model(HMM) Toolbox for MATLAB," online at http://www.ai.mit.edu/∼murphvk/Software/HMM/h mm.html.
15. Lawrence R. Rabiner, "A tutorial on hidden Markov models and selected applications in speech recognition," In Proc of IEEE, Feb 1989.
16. David K. Y. Yau, John C. S. Lui, Feng liang, Yeung Yam, "Defending Against Distributed Denial-of-Service Attacks with Max-Min Fair Server-Centric Router Throttles," IEEE/ACM Transactions on Networking, 2005.
17. Svetlana Radosavac, John S. Baras, "Detection and Classification of Network Intrusions Using Hidden Markov Models," Conference on Information Sciences and Systems, 2003.
18. th IEEE Real Time and Embedded Technology and Applications Symposium(RTAS '05).