Research On Wireless Rogue Access Point Detection Technology

The current wireless network has been deployed and used on a large scale.Wireless network security has also received widespread attention.A wireless rogue attack means an attacker sets up a spoofed wireless access point(AP: Access Point)in a public place.The main parameters are set to be the same as the legal AP,and the victim is tricked into connecting to the rogue wireless access point.Then the attacker can steal passwords or other private information from the rogue AP.Wireless rogue attacks are a persistent security issue in wireless networks and detecting such attacks is of practical significance.This thesis proposes an efficient and practical wireless rogue attack detection method for the campus wireless network environment.It can detect wireless rogue APs within a certain range.This detection system does not require the support from network operators or network administrators.It can meet the requirements of phishing attack detection in the campus wireless network environment.The thesis first analyzes the characteristics of the MAC address,network link and device fingerprint of the legal AP and the rogue AP in the wireless network.By comparing the difference between the legal and rogue APs,these features are used as the basis of the detection method.Then three methods of consistency detection,network layer detection and device fingerprint detection are proposed.Consistency detection determines whether the MAC address of the same name wireless AP is consistent with the manufacturer information.The network layer detection method decides whether the wireless AP of the same name is similar from the network delay and the routing path.The device fingerprint detection determines the difference between the chip and the driver of the wireless AP by constructing a specific data frame and according to the response from the wireless AP.The thesis compares the advantages and application scenarios of these three methods,and provides a variety of options for wireless phishing detection attacks.Finally,using the open source software such as Aircrack,the detection program of wireless rogue AP is realized.The effectiveness of the detection method is verified by experimental results.