SecureArray: Improving wifi security with fine-grained physical-layer

Despite the important role that WiFi networks play in home and enterprise networks they are relatively weak from a security standpoint. With easily available directional antennas, attackers can be physically located off-site, yet compromise WiFi security protocols such as WEP, WPA, and even to some...

Full description

Saved in:
Bibliographic Details
Main Authors: XIONG, Jie, JAMIESON, Kyle
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2013
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/2704
https://ink.library.smu.edu.sg/context/sis_research/article/3704/viewcontent/p441_xiong_afv.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-3704
record_format dspace
spelling sg-smu-ink.sis_research-37042016-12-29T06:46:37Z SecureArray: Improving wifi security with fine-grained physical-layer XIONG, Jie JAMIESON, Kyle Despite the important role that WiFi networks play in home and enterprise networks they are relatively weak from a security standpoint. With easily available directional antennas, attackers can be physically located off-site, yet compromise WiFi security protocols such as WEP, WPA, and even to some extent WPA2 through a range of exploits specific to those protocols, or simply by running dictionary and human-factors attacks on users' poorly-chosen passwords. This presents a security risk to the entire home or enterprise network. To mitigate this ongoing problem, we propose SecureArray, a system designed to operate alongside existing wireless security protocols, adding defense in depth against active attacks. SecureArray's novel signal processing techniques leverage multi-antenna access point (AP) to profile the directions at which a client's signals arrive, using this angle-of-arrival (AoA) information to construct highly sensitive signatures that with very high probability uniquely identify each client. Upon overhearing a suspicious transmission, the client and AP initiate an AoA signature-based challenge-response protocol to confirm and mitigate the threat. We also discuss how SecureArray can mitigate direct denial-of-service attacks on the latest 802.11 wireless security protocol. We have implemented SecureArray with an eight-antenna WARP hardware radio acting as the AP. Our experimental results show that in a busy office environment, SecureArray is orders of magnitude more accurate than current techniques, mitigating 100% of WiFi spoofing attack attempts while at the same time triggering false alarms on just 0.6% of legitimate traffic. Detection rate remains high when the attacker is located only five centimeters away from the legitimate client, for AP with fewer numbers of antennas and when client is mobile. 2013-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2704 info:doi/10.1145/2500423.2500444 https://ink.library.smu.edu.sg/context/sis_research/article/3704/viewcontent/p441_xiong_afv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University security securearray AOA signature antenna array system wireless 802.11 Digital Communications and Networking Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic security
securearray
AOA signature
antenna array system
wireless
802.11
Digital Communications and Networking
Software Engineering
spellingShingle security
securearray
AOA signature
antenna array system
wireless
802.11
Digital Communications and Networking
Software Engineering
XIONG, Jie
JAMIESON, Kyle
SecureArray: Improving wifi security with fine-grained physical-layer
description Despite the important role that WiFi networks play in home and enterprise networks they are relatively weak from a security standpoint. With easily available directional antennas, attackers can be physically located off-site, yet compromise WiFi security protocols such as WEP, WPA, and even to some extent WPA2 through a range of exploits specific to those protocols, or simply by running dictionary and human-factors attacks on users' poorly-chosen passwords. This presents a security risk to the entire home or enterprise network. To mitigate this ongoing problem, we propose SecureArray, a system designed to operate alongside existing wireless security protocols, adding defense in depth against active attacks. SecureArray's novel signal processing techniques leverage multi-antenna access point (AP) to profile the directions at which a client's signals arrive, using this angle-of-arrival (AoA) information to construct highly sensitive signatures that with very high probability uniquely identify each client. Upon overhearing a suspicious transmission, the client and AP initiate an AoA signature-based challenge-response protocol to confirm and mitigate the threat. We also discuss how SecureArray can mitigate direct denial-of-service attacks on the latest 802.11 wireless security protocol. We have implemented SecureArray with an eight-antenna WARP hardware radio acting as the AP. Our experimental results show that in a busy office environment, SecureArray is orders of magnitude more accurate than current techniques, mitigating 100% of WiFi spoofing attack attempts while at the same time triggering false alarms on just 0.6% of legitimate traffic. Detection rate remains high when the attacker is located only five centimeters away from the legitimate client, for AP with fewer numbers of antennas and when client is mobile.
format text
author XIONG, Jie
JAMIESON, Kyle
author_facet XIONG, Jie
JAMIESON, Kyle
author_sort XIONG, Jie
title SecureArray: Improving wifi security with fine-grained physical-layer
title_short SecureArray: Improving wifi security with fine-grained physical-layer
title_full SecureArray: Improving wifi security with fine-grained physical-layer
title_fullStr SecureArray: Improving wifi security with fine-grained physical-layer
title_full_unstemmed SecureArray: Improving wifi security with fine-grained physical-layer
title_sort securearray: improving wifi security with fine-grained physical-layer
publisher Institutional Knowledge at Singapore Management University
publishDate 2013
url https://ink.library.smu.edu.sg/sis_research/2704
https://ink.library.smu.edu.sg/context/sis_research/article/3704/viewcontent/p441_xiong_afv.pdf
_version_ 1770572589122453504