Rogue twin attack detection: A discrete event system paradigm approach

Mayank Agarwal

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

8 Scopus citations

Abstract

Rogue Twin Access Point (AP) is a rogue Wi-Fi hotspot/AP setup by an adversary solely with the purpose of luring Wi-Fi stations (STAs) into connecting to them. An adversary clones the Service Set IDentifier (SSID) [Hotspot Name] as well as the MAC address of the legitimate AP while setting up the rogue twin. When a STA checks for the list of available APs (under presence of rogue twin), it sees only one AP (despite there being two APs with the identical SSID and MAC address). In case the signal strength of the rogue twin is more than the legitimate AP, the STA connects to the rogue twin.In the present study, a Discrete Event System (DES) paradigm based Intrusion Detection System (IDS) for detecting rogue twin which is proposed. It overcomes many drawbacks of existing approaches in tackling rogue twin. A normal DES model corresponding to a frame exchange under normal network conditions along with a failure (attacker) DES model corresponding to a frame exchange under rogue twin network conditions is constructed. Using the knowledge of the normal and attacker DES models, a DES diagnoser is constructed to ascertain whether the frame exchange corresponds to a normal or attack condition. Even if an attacker uses multiple techniques to launch the rogue twin the proposed DES based IDS is capable of identifying all such possible instances. We validate the scheme on a real test bed.

Original languageEnglish
Title of host publication2019 IEEE International Conference on Systems, Man and Cybernetics, SMC 2019
PublisherInstitute of Electrical and Electronics Engineers
Pages1813-1818
Number of pages6
ISBN (Electronic)9781728145693
DOIs
StatePublished - 1 Oct 2019
Externally publishedYes
Event2019 IEEE International Conference on Systems, Man and Cybernetics, SMC 2019 - Bari, Italy
Duration: 6 Oct 20199 Oct 2019

Publication series

NameConference Proceedings - IEEE International Conference on Systems, Man and Cybernetics
Volume2019-October
ISSN (Print)1062-922X

Conference

Conference2019 IEEE International Conference on Systems, Man and Cybernetics, SMC 2019
Country/TerritoryItaly
CityBari
Period6/10/199/10/19

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Control and Systems Engineering
  • Human-Computer Interaction

Fingerprint

Dive into the research topics of 'Rogue twin attack detection: A discrete event system paradigm approach'. Together they form a unique fingerprint.

Cite this