Browse > Article
http://dx.doi.org/10.7472/jksii.2016.17.3.11

A Rogue AP Detection Method Based on DHCP Snooping  

Park, Seungchul (School of Computer Science and Engineering, Korea University of Technology and Education)
Publication Information
Journal of Internet Computing and Services / v.17, no.3, 2016 , pp. 11-18 More about this Journal
Abstract
Accessing unauthorized rogue APs in WiFi environments is a very dangerous behavior which may lead WiFi users to be exposed to the various cyber attacks such as sniffing, phishing, and pharming attacks. Therefore, prompt and precise detection of rogue APs and properly alarming to the corresponding users has become one of most essential requirements for the WiFi security. This paper proposes a new rogue AP detection method which is mainly using the installation information of authorized APs and the DHCP snooping information of the corresponding switches. The proposed method detects rogue APs promptly and precisely, and notify in realtime to the corresponding users. Since the proposed method is simple and does not require any special devices, it is very cost-effective comparing to the wireless intrusion prevention systems which are normally based on a number of detection sensors and servers. And it is highly precise and prompt in rogue AP detection and flexible in deployment comparing to the existing rogue AP detection methods based on the timing information, location information, and white list information.
Keywords
WiFi security; rogue AP; rogue AP detection; DHCP snooping;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 H. Han, B. Sheng, C. C. Tan, Q. Li, and S. Lu, "A Timing-based Scheme for Rogue AP Detection," IEEE Transactions on Parallel and Distributed Systems, Vol. 22, No. 11, Nov. 2011, pp. 1012-1925 http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=6007016   DOI
2 J. Lee, S. Lee, and J. Moon, "Detecting Rogue AP using k-SVM method," Journal of The Korea Institue of Information Security and Cryptology, Vol. 24, No. 1, Feb 2014, pp. 87-95 http://ocean.kisti.re.kr/downfile/volume/kiisc/JBBHCB/2014/v24n1/JBBHCB_2014_v24n1_87.pdf   DOI
3 K. Kao, T. Yeo, W. Yong, and H. Chen, "A Location-aware Rogue Ap Detection System Based on Wireless Packet Sniffing of Sensor APs," Proceedings of The 2011 ACM Symposium on Applied Computing, Mar. 2011, pp. 32-36 http://dl.acm.org/citation.cfm?id=1982195
4 J. Park, M. Park, and S. Jung, "A Whitelist-based Scheme for Detecting and Preventing Unauthorized AP Access Using Mobile Device," Journal of KICS, Vol. 38B, No.8, Aug. 2013, pp. 632-640 http://www.readcube.com/articles/10.7840%2Fkics.2013.38B.8.632
5 R. Beyah and A. Venkataraman, "Rogue-Access-Point Detection Challenges, Solutions, and Future Directions," IEEE Security and Privacy, Sept./Oct 2011, pp. 56-61. http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5963632
6 Motorola, "Solutions for Detecting and Eliminating Rogue Wireless Networks," White Paper, Oct. 2011. http://www.opticalphusion.com/downloads/products/networks/airdefense/CS.pdf
7 M. Kim, J. Mun, S. Jung, and Y. Kim, "A Mobile Device-based Mobile AP Detection Scheme using NAT Behavior," Proceedings of 2013 International Conference on IT Convergence and Security, 16-18 Dec. 2013, pp. 1-4. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6717778
8 L. Watkins, R. Beyah, and C. Corbett, "A Passive Approach to Rogue Access point Detection," Proceedings of IEEE Globecom 2007, 26-30 Nov. 2007, pp. 355-360. http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=4410983
9 http://www.airtightnetworks.com/
10 http://meraki.cisco.com/technologies/air-marshal-wips/