Abstract
Impersonation attacks in wireless and mobile networks by professional criminal groups are becoming more sophisticated. We confirm with simple risk analysis that impersonation attacks offer attractive incentives to malicious criminals and should therefore be given highest priority in research studies. We also survey our recent investigations on Radio Frequency Fingerprinting and User Mobility Profiles and discuss details of our methodologies for building enhanced intrusion detection systems for future wireless and mobile networks.
Research supported in part by NSERC (Natural Sciences and Engineering Research Council of Canada) and MITACS (Mathematics of Information Technology and Complex Systems) grants.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Aboba, B.: The unofficial 802.11 security web page - security vulnerabilities in EAP methods (May 2005), http://www.drizzle.com/~aboba/IEEE/
Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., Levkowetz, H.: Extensible authentication protocol (EAP). The Internet Engineering Task Force - Request for Comments, 3748 (June 2004)
Aboba, B., Simon, D.: PPP EAP TLS authentication protocol. The Internet Engineering Task Force - Request for Comments, 2716 (October 1999)
Adelstein, F., Alla, P., Joyce, R., Richard III, G.G.: Physically locating wireless intruders. In: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC 2004), pp. 482–489 (2004)
WiFi Alliance. Wi-fi protected access (WPA) enhanced security implementation based on ieee p802.11i standard, version 3.1 (August 2004)
Barbeau, M., Robert, J.-M.: Perfect identity concealment in UMTS over radio access links. In: Proceedings of the Wireless and Mobile Computing, Networking and Communications, Montreal, Canada (August 2005)
Ellis, K.J., Serinken, N.: Characteristics of radio transmitter fingerprints. Radio Science 36, 585–597 (2001)
ETSI. Telecommunications and internet protocol harmonization over networks TIPHON release 4; protocol framework definition; methods and protocols for security; part 1: Threat analysis. Technical Specification ETSI TS 102 165-1 V4.1.1 (2003)
Filjar, R., Desic, S.: Architecture of the automatic position reporting system (APRS). In: Proceedings of 46th International Symposium on Electronics in Marine (Elmar), pp. 331–335 (2004)
Hall, J.: Anomaly-based Intrusion Detection in Wireless Networks using Device and User-based Profiles. PhD thesis, Carleton University (Fall 2005)
Hall, J., Barbeau, M., Kranakis, E.: Detection of Transient in Radio Frequency Fingerprinting using Signal Phase. In: Proceedings of the 3rd IASTED International Conference on Wireless and Optical Communications (WOC 2003), Banff, Canada, pp. 13–18. ACTA Press (July 2003)
Hall, J., Barbeau, M., Kranakis, E.: Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In: Proceedings of the 3rd IASTED International Conference on Communications, Internet and Information Technology (CIIT), St. Thomas, U.S. Virgin Islands, pp. 201–206 (November 2004)
Hall, J., Barbeau, M., Kranakis, E.: Using mobility profiles for anomaly-based intrusion detection in mobile networks. In: Proceedings of the Wireless and Mobile Computing, Networking and Communications, Montreal, Canada, pp. 22–24 (August 2005), Preliminary version in NDSS 2005 Preconference Workshop on Wireless and Mobile Security
Haverinen, H., Salowey, J.: Extensible authentication protocol method for GSM subscriber identity modules (EAP-SIM). Work in progress (December 2004)
Hunter, A.: Feature selection using probabilistic neural networks. Neural Computing and Applications 9, 124–132 (2000)
AirDefense Inc. Accessed in (February 2004), http://www.airdefense.net
Financial Times Information. Mobile cloning (March 2005)
Laing, A.: The Security Mechanism for IEEE 802.11 Wireless Networks (2001), http://rr.sans.org/wireless/IEEE80211.php
Lane, T., Brodley, C.E.: Temporal sequence learning and data reduction for anomaly detection. ACM Transactions on Information and System Security 2(3), 295–331 (1999)
Ma, W., Fang, Y.: A new location management strategy based on user mobility pattern for wireless networks. In: Proceedings of the 27th Annual Conference on Local Computer Networks (2002)
Markoulidakis, J., Lyberopoulos, G., Tsirkas, D., Sykas, E.: Evaluation of location area planning scenarios in future mobile telecommunication systems. Wireless Networks 1 (1995)
Netstumbler (Accessed in February 2004), http://www.netstumbler.org
LAN MAN Standards Committee of the IEEE Computer Society, the IEEE Microwave Theory, and Techniques Society. Local and metropolitan area networks - part 16: Air interface for fixed broadband wireless access systems - amendment for physical and medium access control layers for combined fixed and mobile operation in licensed bands. Draft IEEE Standard, IEEE P802.16e/D8-2005 (May 2005)
Riezenman, M.J.: Cellular security: better, but foes still lurk. IEEE Spectrum, 39–42 (June 2000)
Russell, S.J., Norvig, P.: Artificial Intelligence: A Modern Approach. Prentice-Hall, Englewood Cliffs (2002)
Samfat, D., Molva, R.: IDAMN: an intrusion detection architecture for mobile networks. IEEE Journal on Selected Areas in Communications 15(7), 1373–1380 (1997)
Serinken, N., Ureten, O.: Bayesian detection of Wi-Fi transmitter RF fingerprints. Electronic Letters 41(6), 373–374 (2005)
Shaw, D., Kinsner, W.: Multifractal modelling of radio transmitter transients for classification. In: Communications Power and Computing, Winnipeg Manitoba, May 1997, pp. 306–312. IEEE, Los Alamitos (1997)
IEEE Computer Society. ANSI/IEEE std 802.11 - wireless LAN medium access control (MAC) and physical layer PHY specifications (1999)
IEEE Computer Society. IEEE Std 802.11i-2004 IEEE standard for information technology- telecommunications and information exchange between systems- local and metropolitan area networks- specific requirements part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications amendment 6: Medium access control (MAC) security enhancements. Standard Number IEEE Std. 802.11i-2004 (2004)
Spencer, J.: Use of an artificial neural network to detect anomalies in wireless device location for the purpose of intrusion detection. In: Proceedings of the IEEE, SoutheastCon., pp. 686–691 (April 2005)
Sun, B., Yu, F.: Mobility-based anomaly detection in cellular mobile networks. In: International Conference on WiSe 2004, Philadelphia, Pennsylvania, USA, pp. 61–69 (2004)
Tekbas, O.H., Ureten, O., Serinken, N.: Improvement of transmitter identification system for low SNR transients. Electronic Letters 40(3), 182–183 (2004)
Toonstra, J., Kinsner, W.: Transient analysis and genetic algorithms for classification. In: WESCAN. IEEE, Los Alamitos (1995)
Ureten, O., Serinken, N.: Detection of radio transmitter turn-on transients. Electronic Letters 35, 1996–1997 (1999)
Wong, V., Leung, V.: Location management for next generation personal communications networks. IEEE Network, 18–24 (September 2000)
Wu, K., Harms, J., Elmallah, E.S.: Profile-based protocols in wireless mobile ad hoc networks. Local Computer Networks, 568–575 (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Barbeau, M., Hall, J., Kranakis, E. (2006). Detecting Impersonation Attacks in Future Wireless and Mobile Networks. In: Burmester, M., Yasinsac, A. (eds) Secure Mobile Ad-hoc Networks and Sensors. MADNES 2005. Lecture Notes in Computer Science, vol 4074. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11801412_8
Download citation
DOI: https://doi.org/10.1007/11801412_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36646-1
Online ISBN: 978-3-540-37863-1
eBook Packages: Computer ScienceComputer Science (R0)