Detecting Identity Spoofs in 802.11e Wireless Networks
Source: Rutgers University
Wireless networks are vulnerable to identity spoofing attacks, where an attacker can forge the MAC address of his wireless device to assume the identity of another victim device on the network. Identity spoofing allows an attacker to avail network services that are normally restricted to legitimate users. Prior techniques to detect such attacks rely on characteristics such as progressions of MAC sequence numbers. However, these techniques can wrongly classify benign flows as malicious with newer 802.11e wireless devices that allow multiple progressions of MAC sequence numbers from the same device. Several other techniques that rely on physical properties of transmitting devices are ineffective when the attacker and the victim are mobile.