Wireless spoofing attacks are easy to launch and can significantly affect network performance. Although the identity of a node can be verified through cryptographic authentication, conventional security approaches are not always desirable because of their general requirements. The project proposes to use spatial information, a physical property associated with each node, difficult to falsify, and not rely on cryptography, as a basis for
1) detecting forgery attacks;
2) determine the number of attackers when several adversaries disguise themselves as the same node identity; And
3) location of multiple adversaries.
It is proposed to use the spatial correlation of the received signal strength (RSS) inherited from the wireless nodes to detect impersonation attacks. It raises the problem of determining the number of attackers as a detection problem of several classes. Cluster-based mechanisms are developed to determine the number of attackers. When training data is available, the project explores the use of the Vector Support Machine (SVM) method to improve the precision of determining the number of attackers. The localization results use a representative set of algorithms that provide strong evidence of high-precision localization of multiple adversaries. In addition, a fast and efficient mobile replica node detection scheme is proposed using the Sequence Probability Ratio Test. He evaluated our techniques through two test benches using an 802.11 network (WiFi) and an 802.15.4 network (ZigBee) in two real office buildings.
The wireless transmission medium, opponents can control any transmission. In addition, opponents can easily buy low-cost wireless devices and use these commonly available platforms to launch a variety of attacks with little effort. Among the various types of attacks, identity-based attacks are especially easy to launch and can cause significant damage to network performance. For example, on an 802.11 network, it is easy for an attacker to collect useful MAC address information during passive monitoring and then modify their MAC address by simply issuing an ifconfig command to mask as another device. Despite existing 802.11 security techniques, such as Wired Equivalent Privacy, WiFi Protected Access (WPA), or 802.11i (WPA2), this methodology can only protect data frames.