A Measurement Based Rogue AP Detection Scheme

This paper considers a category of rogue Access Points (APs) that pretend to be legitimate APs to lure users to connect to them. The authors propose a practical timing based technique that allows the user to avoid connecting to rogue APs. The method employs the round trip time between the user and the DNS server to independently determine whether an AP is legitimate or not without assistance from the WLAN operator. They implemented the detection technique on commercially available wireless cards to evaluate their performance.