Detection of rogue devices in Wireless Networks by Jeyanthi Hall A thesis submitted to the Faculty of Graduate Studies and Research in partial fulfilment of the requirements for the degree of Doctor of Philosophy Ottawa-Carleton Institute for Computer Science School of Computer Science Carleton University Ottawa, Ontario August 2006 © Copyright August 2006, Jeyanthi Hall Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. Library and Bibliotheque et Archives Canada Archives Canada Published Heritage Direction du Branch Patrimoine de I'edition 395 Wellington Street 395, rue Wellington Ottawa ON K1A 0N4 Ottawa ON K1A 0N4 Canada Canada Your file Votre reference ISBN: 978-0-494-18221-5 Our file Notre reference ISBN: 978-0-494-18221-5 NOTICE: AVIS: The author has granted a non­ L'auteur a accorde une licence non exclusive exclusive license allowing Library permettant a la Bibliotheque et Archives and Archives Canada to reproduce,Canada de reproduire, publier, archiver, publish, archive, preserve, conserve,sauvegarder, conserver, transmettre au public communicate to the public by par telecommunication ou par I'lnternet, preter, telecommunication or on the Internet,distribuer et vendre des theses partout dans loan, distribute and sell theses le monde, a des fins commerciales ou autres, worldwide, for commercial or non­ sur support microforme, papier, electronique commercial purposes, in microform,et/ou autres formats. paper, electronic and/or any other formats. The author retains copyright L'auteur conserve la propriete du droit d'auteur ownership and moral rights in et des droits moraux qui protege cette these. this thesis. Neither the thesis Ni la these ni des extraits substantiels de nor substantial extracts from it celle-ci ne doivent etre imprimes ou autrement may be printed or otherwise reproduits sans son autorisation. reproduced without the author's permission. In compliance with the Canadian Conformement a la loi canadienne Privacy Act some supporting sur la protection de la vie privee, forms may have been removed quelques formulaires secondaires from this thesis. ont ete enleves de cette these. While these forms may be includedBien que ces formulaires in the document page count, aient inclus dans la pagination, their removal does not represent il n'y aura aucun contenu manquant. any loss of content from the thesis. i * i Canada Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. Abstract The need for robust access control mechanisms is paramount, especially in Wireless Local Area Network (WLAN)s and Wireless Wide Area Network (WWAN)s. Current authentication systems are vulnerable to device impersonation by rogue devices. Within cellular mobile networks, this threat is actualized by cloning cell phones, and using the clones for obtaining free services. A well known example in Wireless Fidelity (WiFi)/802.11 networks is Media Access Control (MAC) address spoofing. In this case, an attacker captures the MAC address of an authorized device and programs it into his device, in order to obtain unauthorized access. The threat of address spoofing is equally applicable to Bluetooth (BT) ad-hoc networks. The underlying problem is the continued use of Access Control List (ACL)s, based on a single malleable identifier, e.g. MAC addresses. Given the ease with which the aforementioned attacks are mounted, and the potential impact on these networks, there is a requirement for access control mechanisms that are capable of detecting impersonation attacks. What would prove useful is to associate a malleable identifier with less malleable characteristics. Hence, we explore the feasibility of using Anomaly-based Intrusion Detection (ABID), which makes use of device-based and/or user-based profiles for ad­ dressing the aforementioned problem. For example, an ABID system would compare multiple instances of device/user characteristics, associated with a given identifier, to those in the corresponding profile. Deviations from pre-established thresholds would be indicative of cloning or address spoofing. More specifically, we explore the use of Radio Frequency Fingerprinting (RFF) for characterizing transceivers in WiFi/802.11 and BT wireless cards, i.e. create device- ii Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. based profiles, and Hotelling’s T 2 statistics for classification purposes. Similarly, we also investigate the adoption of User Mobility Pattern (UMP)s for user-based profiles and the Instance-Based Learning (IBL) technique for classification. Average detection rates of 93% (BT) and 94.5% (WiFi/802.11) support the feasibility of incorporating RFF, in ABID, for detecting address spoofing. On the other hand, the use of UMPs for similar purposes is also technically feasible. Thus, device-based and user-based characteristics can be exploited for detecting rogue devices in wireless networks. iii Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. To my late father and sister, Edwin and Jessie Vethamuthu, my mother Vasantha, my husband Charles and my daughter Tasha. iv Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. Acknowledgements The undertaking and completion of the Ph.D program has proved to be an eventful journey, filled with tribulations and challenges, both personal and professional. Hence, it is with immense gratitude that I acknowledge those, who have provided me with inspiration, financial and moral support, and technical direction. I start by thanking God for the strength he had provided, especially during the most difficult moments in my life. This work would not have been possible without him. I will always be grateful to my father and sister for being two of my role models in life. Although they are no longer with me, their infinite love and kindness exemplified the unmeasurable power of the human spirit. I would also like to thank my mother for her unconditional love and support, especially when she assumed the role of the chauffeur. Likewise, I would like to acknowledge my husband, for his services as editor and chef. He not only prepared the meals but also served it with a smile, sometimes night after night. As my personal editor, he has been instrumental in improving the quality of all research documents. If there is one thing that I have learnt from my daughter, it is the attitude with which to face all adversities of life. I would like to thank her immensely for being a wonderful daughter and friend. Finally, I thank each member of my extended family (Juana, Jennifer, Mike, Vince and Marcin) and close friends (Sue and Florentina) for their continued support and prayers. There are no words, which can adequately express my gratitude for the encour­ agement and technical direction, which I have been so fortunate to receive from my supervisors, Professors Evangelos Kranakis and Michel Barbeau. They have taught me so much more than wireless networks and security. v Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. I would also like to thank the committee members for their invaluable comments and suggestions. Their input and guidance has proved beneficial in establishing the scope and objectives of this research initiative. Moreover, I am very grateful to Dr. Nur Serinken and Michel Paquette for their invaluable feedback on technical matters. The fact that the quality of my life, as a student, had been exceptional, is due to the support that I had received from my fellow colleagues and the administrative team. I would like to personally thank Cindy, Miguel, Tao, Paul, Shao, Linda, Sandy, Jane and Sharmilla for their assistance in coping with all facets of the Ph.D program. Finally, for providing me with financial assistance, I extend my sincere appre­ ciation to the following organizations: Natural Sciences and Engineering Research Council of Canada, Mathematics of Information Technology and Complex Systems, and Alcatel. vi Reproduced with permission of the copyright owner. Further reproduction prohibited without permission. Contents I Preliminaries 1 1 Introduction 2 1.1 Motivation ........................................................................................................ 4 1.2 Research Objective ....................................................................................... 6 1.3 Approach ...................................................................................................... 6 1.4 Summary of contributions ......................................................................... 8 1.5 Outline of Thesis ...................................................................... 12 II Background: Access Control in Wireless Networks 14 2 Intrusion prevention in Wireless Networks 15 2.1 Bluetooth ....................................................................................................... 21 2.1.1 Security S e rv ic e s .................................................................... 24 2.1.2 Device Authentication P ro to c o l .......................................... 25 2.1.3 Weaknesses and Resolution Strategies in Authentication . 26 2.1.4 Link Layer/Higher Layer Solutions ................................... 30 2.2 WiFi/802.11 ........................................................................................................ 38 2.2.1 Security services ............................................................................
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages294 Page
-
File Size-