Insider Attack Attribution Using Signal Strength Based Hyperbolic Location Estimation

A rogue insider, in a wireless network, is an authenticated member that exploits possession of a valid identity in order to launch an attack. A typical example is the transmission of a verifiable message containing false or incomplete information. An important step, in enabling the network authorities to attribute an attack message to its originator, involves locating the physical source of the transmission. The authors propose a probabilistic scheme to determine the location of a transmitting rogue, with a degree of confidence, using the relative signal strength received by neighboring devices, even if the Effective Isotropic Radiated Power (EIRP) employed by the rogue is unknown.