The last few years have seen explosive growth in deployment of Wireless Networks and use of Wireless devices. Advances in micro-technology and the need for ubiquitous services are the driving forces behind the ever growing popularity of Wireless networks. Unfortunately, IEEE 802.11 came under intense criticism since its standardization due to its design flaws. In Wireless Local Area Networks (WLANs), the Key Management protocol does not protect Management and Control frames. This vulnerability has drawn the attention of researchers in academia and also industry experts. In their quest for securing WLANs, several proposals both cryptographic and non-cryptographic have been advanced but none seem to be efficient.
Since most adversaries will launch attack against Access Points (AP) in one way or the other, our work is based on the exploitation of small microscopic deviations called clock skews of APs. In our work, we reaffirmed that the clock skew of an AP can be used as it fingerprint and also went further to estimate the clock under different conditions and with varying network loads; changing fingerprinter location; rebooting AP. While our proposal does not detect fakeAps and Medium Access Control (MAC) address spoofing in its entirety, but we have shown that when AP is rebooted it takes time before the clock skew become consistent. The beauty of our works is that it does not add any overhead to the IEEE 802.11standard.

[1] S. Jana, and S. K. Kasera, “On Fast and Accurate Detection of Unauthorized Wireless Access Points Using Clock Skews.”, the Proceedings of the 14th annual ACM international conference on Mobile computing and networking, September 14-19, 2008, pp. 104-115.
[2] B. Aslam, M.H. Islam, and S. A. Khan, “Disassociation DoS Attack and Its Solutions: A Survey.”, the proceedings of the first Mobile and Wireless Communication International Conference, 17-20 Sept, 2006, pp. 221-226.
[3] T. Kohno, A. Broido, and K. C. Claffy, “Remote Physical Device Fingerprinting.”, IEEE Trans. Dependable Secur. Comput., 2(2):93-108, 2005.
[4] “Information Technology- Telecommunications and Information exchange between Systems- Local and Metropolitan area Network- Specific Requirements- Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications”, IEEE std. 802.11i-2004.
[6] C. Liu and J. Yu, “A Solution to WLAN Authentication and Association DoS Attacks”, IAENG International Journal of Computer Science, 34:1, IJCS_34_1_4.
[7] A. Pasztor and D. Veitch, “PC Based Precision Timing without GPS”, In SIGMETRICS, 1998.
[8] S. B. Moon, P. Skelly, and D. Towsley, “Estimation and Removal of Clock Skew from Network Delay Measurements,” In INFOCOM, 1999.
[9] V. Paxson, “On calibrating measurements of packet transit times,” In Proceedings of ACM SIGMETRICS, 1998.
[10] “Information technology- Telecommunications and information exchange between systems- Local and metropolitan networks- Specific requirements- Part11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications”, IEEE std 802.11-1997.
[11] J. Bellardo, and S. Savage, “802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions”, Proceedings of the USENIX Security Symposium, 2003 pp. 15-28.
[12] J. Wright, “Detecting Wireless LAN MAC Address Spoofing,” 2003, technical document. Source: http://www.uninett.no/wlan/download/wlan-mac-spoof.pdf.
[13] Wireshark, source: http://www.wireshark.org/
[14] A. Martinez, U. Zurutuza, R. Uribeetxeberria, and M. Fernandez, “Beacon Frame Spoofing Attack Detection in IEEE 802.11 Networks”, Proceedings of the Third International Conference on Availability, Reliability and Security, 2008, pp.520-525.
[15] M. Malekzadeh, A. A. A. Ghani, Z. A. Zulkarnain, and Z. Muda, “Security Improvement for Management Frames in IEEE 802.11 Wireless Networks”, International Journal of Computer Science and Network Security, VOL.7 NO.6, June 2007.
[16] C. He and J. C. Mitchell, “Security Analysis and Improvements for IEEE 802.11i.” in NDSS, 2005.
[17] Intersil, PRISM Driver Programmers Manual, version 2.30, 2002, available at http://home.eunet.cz/jt/wifi/RM0251.pdf
[18] W. A. Arbaugh, N. Shankar, and Y. J. Wan, “Your 802.11 wireless network has not clothes,” Wireless Communications, IEEE, vol. 9, no. 1, pp. 44-51, 2002.
[19] J. S. Park and D. Dicoi. WLAN security: current and future. IEEE Internet Computing, Volume 7, No. 5, pages 60-65. September/October, 2003.
[20] H. Yang, F. Ricciato, S. Lu, and L. Zhang, “Securing a Wireless World”, Proceedings of IEEE, Volume. 94, No. 2, 442-454, 2006.
[21] C. He 2005, “Analysis Security Protocols for Wireless Networks”, PhD. Dissertation, Stanford University.
[22] D. L. Mills, “Internet Time Synchronization: The Network Time Protocol”, IEEE Trans. Communications, Volume 39, No. 10, pp 1482-1493, October 1991.
[23] C. Iheagwara, A. Blyth, M. Bennett, “Architectural and Functional Issues in Systems Requirements Specifications for Wireless Intrusion Detection Systems Implementation”, Proceedings of the 2005 Systems Communications (ICW’05), pp 434-441.
[24] D. C. H. Quay, “Formulating a Wireless LAN Security Policy: relevant issues, considerations and implications”, SANS Institute GSEC Practical, Feb 2002.
[25] W. Stallings, “Cryptography and Network Security Principles and Practices”, Pearson International Edition, 4th Edition,
[26] G. Bianchi, “Performance Analysis of the IEEE 802.11 Distributed Coordination Function”, IEEE Journal on Selected Areas in Communications, Volume 18, No. 3, pp 535-547, March 2000.
[26] F. Guo and T. Chiueh, “Sequence Number-Based MAC Address Spoof Detection”, In Proceedings of 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005) .
[27] Y. Sheng, K. Tan, G. Chen, D. Kotz, A. Campbell, “Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength”, In Proceedings of IEEE INFOCOM 2008
[28] Y. Chen, W. Trappe, and R. P. Martin, “Detecting and localizing wireless spoofing attacks,” in SECON’07: Proceedings of the 4th Annual IEEE Conference on Sensor, Mesh and Ad Hoc Communications and Networks, June 2007
[29] D. B. Faria and D. R. Cheriton, “Detecting identity-based attacks in wireless networks using singalprints,” in Proceedings of WiSe’06: ACM Workshop on Wireless Security, Sept. 2006, pp. 43–52.
[30] D. C. Madory, “New methods of spoof detection in 802.11b wireless networks”. Hanover, NH: M. Eng. Thesis, Dartmouth College, 2006.
[31] R. A. Redner and H. F. Walker, “Mixture densities, maximum likelihood and the EM algorithm,” SIAM Review, vol. 26, no. 2, pp. 195–239, 1984.