Visit the Wireless @ Virginia Tech website.
Wireless network fingerprints technique helps identify location spoofers
Pervasive wireless networking, while convenient for users, presents an ever-increasing attack surface for hostile hackers. Attackers may try to misrepresent or hide their own location, or modify, forge, hide, or steal the location information of legitimate users.
Although much research has gone into improving location systems for legitimate use, relatively little has been done on detecting and countering attackers, according to Jeong Lee, who, with his advisor, Michael Buehrer, has developed new detection and positioning techniques.
Lee’s work focuses on detecting and localizing spoofing attacks — those who disguise the source of their signal and thus their position in the network. Lee described two possible methods of forging an attack location: signal strength attacks, in which the attacker falsifies information about his transmit signal strength; and beamforming attacks in which attacker’s antenna radiation pattern and strength are controlled as desired to one or more specific receivers.
Standard localization methods assume that network clients are truthful in the information that they provide about original signal strength and other location parameters, and so are unable to counter such attacks effectively. Other techniques have been proposed to detect and localize an attacker using signal strength only, but they rely on expensive or time-consuming research into an area’s radio map or other pre-established statistical information. Moreover, the previous methods cannot deal with beamforming attacks and mobile attackers.
Lee’s and Buehrer’s solution is based on examining relative location error, rather than its absolute value. It relies on a set of new statistical and pattern matching algorithms based on normative signal strength data. Called “topological residual fingerprint matching,” the technique is able to successfully identify attacks in progress, without any specific location or map information necessary. They also suggested a novel technique for tracing the forged signals back to their real location against both signal strength and beamforming attacks.