Localization of Rogue Access Points Using Signal Strength Indicator in Educational Settings
Explore the case study on identifying rogue access points in educational institutions through signal strength indicators. Learn about challenges with BYOD policies, network security issues, and the role of the IT department in ensuring data security. Discover how blended learning and BYOD policies are shaping the educational landscape.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
ROGUE ACCESS POINT LOCALIZATION BY USING SIGNAL STRENGTH INDICATOR: A CASE STUDY IN EDUCATIONAL INSTITUTION Mardiana binti Mohamad Noor, Monash University Foundation Year, Sunway College Kuala Lumpur, Bandar Sunway, 47500 Selangor. mardiana@sunway.edu.my Wan Haslina binti Hassan, Communication System and Network (iKohza) Research Group, Malaysia- Japan International Institute of Technology (MJIIT), Universiti Teknologi Malaysia, Jalan Semarak, 54100 Kuala Lumpur wanhaslina@ic.utm.my
Blended Learning E- Learning platforms, particularly in Monash University Foundation Year (MUFY) is used to support blended learning Blended learning focuses on students participation in the lesson which is achieved through pre-class, in- class and post-class activities.
Bring Your Own Device (BYOD) Policy In order to encourage independent learning, Bring Your Own Device (BYOD) policy is implemented. However, technically, this policy is exposed to several network and cyber security issues and challenges.
Challenges in BYOD having a stable and scalable WiFi network with an appropriate bandwidth provision concern of risks and security issues in WiFi network i)to ensure only the authorized users and devices can access the network ii) presence of unauthenticated AP
Related Works One of the key factors and important elements in implementing BYOD in educational institution is data security [2]. Security threats such as: i) unauthorized access to sensitive data stored on the mobile devices ii) unauthorized access to data stored on the institution s network iii) attacks from malicious software iv) the ability to impersonate an authorized user.
Related Works IT department in an institution is responsible for maintaining the network and ensure network reliability and security [3]. IT department should ensure secure communication through a WiFi network.
Rogue Access Points (AP) Most of the mobile devices in a network such as smart phones, tablets and laptops may act as APs which can support multiple hotspots users in their own defined parameters. it may impose security breach (packet sniffing) to the users which are connected to the unauthorized access point (AP)
Case Study A case study in Sunway College Kuala Lumpur in mitigating the risks of the presence of unauthorized rogue APs The main objectives: i) To detect the presence of rogue APs ii) To locate and remove the rogue APs
Rogue AP Detection System Conventional: IT personnel to go around a premise with handheld sniffer such as Airwave according to the received signal strength (RSS) Laborious, not cost and resources effective, suffer infrastructural issues, and the signal can be evaded.
Rogue AP Detection System The proposed method: To implement the technique in Indoor Positioning System (IPS). The logarithmic relationship between the received signal strength (RSS) and separation distance which is based on the mechanisms of signal propagation is applied is investigated to find the distance between the rogue AP and a monitoring terminal.
Rogue AP Detection System Novelty: To introduce a factor model for in-building positioning system, hence an automated localization can be realized. The factor model is developed once, during the off- line phase.
Offline Phase Offline phase includes: i) Data Collection ii) Finding path loss factor iii) Finding correction factor,
Data Collection The relationship between separation distance between the AP and the monitoring terminal (MT) is observed. Samsung Tablet 3.0 which is installed with sniffer software, Metageek inSSIDer was used as the monitoring terminal (MT) to scan the network. The MT is placed in ten classrooms in the same building alternately (which are chosen randomly).
Path Loss Constant Calculation, n Mean received signal strength (RSS) against the calculated log distance graphs are plotted. The value of nis obtained by using curve fitting function from the graph. The relationship is based on the Log Normal Shadowing (LNS model) ? ?0 ??? ??? = 10? ??? + ?0
Correction Factor, The correction factor , is determined by observing the relationship between the received signal strength (RSS) and the path loss constant, n at three different range of distances ??? ?0 n ? = P0 is RSS at distance 1.0 m from the AP
Results The factor model: ? ?0 ??? ??? = ?0 (10 x 3.90)??? 6.1 The factor model is the improved LNS model for a specific building i.e East Building in Sunway College This number represents the weight of other factors such as wall and floor attenuation, and surrounding disturbances.
Evaluation The factor model (FM) is evaluated against LNS with no factor and LNS with wall attenuation factor The results shows, there is a significant increase in accuracy of distance prediction when factor model (FM) is used. Table 1. COMPARISON OF THE ACCURACY FOR ALL THE MODELS FOR SAME FLOOR LOCALIZATION Model Mean Error (m) Accuracy (%) LNS with FM 1.23 86 LNS with WAF 3.12 64 LNS (no factor) 6.03 31
Evaluation Table 2. CUMULATIVE DISTRIBUTION FUNCTION (CDF) FOR ALL THE MODELS FOR SIGNAL PROPAGATION ON THE SAME FLOOR 25th (m) 50th (m) 75th (m) 90th (m) Model LNS with FM 0.3 1 2.3 2.5 LNS with WAF 1.57 2.36 4.33 4.90 LNS (no factor) 5.82 6.06 6.72 7.27 Figure 3. propagation Cumulative Distribution Function (CDF) for all the models for the same floor
Evaluation However, the it was found that the FM is less effective for inter-floor distance prediction, where on average 90% of the rogue AP will be found 15.33 m away from the actual distance by using the FM, 90% of the rogue AP is found 13.93 m away from the actual coordinate by using LNS with WAF and FAF. Table 3. PROPAGATION BETWEEN FLOORS CUMULATIVE DISTRIBUTION FUNCTION (CDF) FOR ALL THE MODELS FOR SIGNAL 25th (m) 50th (m) 75th (m) 90th (m) Model LNS with FM 6.79 10.13 14.60 15.33 LNS with WAF and FAF 5.39 8.73 13.20 13.93 LNS (no factor) 12.88 16.25 19.10 21.40
Evaluation Table 4. MODELS IN TERMS OF FOUR PERCENTILES FOR THE ROGUE AP LOCALIZATION CUMULATIVE DISTRIBUTION FUNCTION (CDF) FOR ALL THE 25th (m) 50th (m) 75th (m) 90th (m) Model LNS and FM 2.83 3.59 4.44 5.34 LNS and WAF 5.38 6.23 8.66 11.99 LNS (no factor) 6.92 8.35 9.90 10.98 The result shows that by using the proposed model for localization, 90% of the rogue AP is found within 5.34 m from the actual coordinate.
Conclusion An alternative method is proposed which is to detect and locate the rogue AP by using the properties of signal strengths which are transmitted from the rogue AP itself, when there is no information regarding the rogue AP is known. LNS model is proposed in this research for distance prediction. Hence, a factor is introduced to the existing LNS model and the factor is found empirically from series of experiments which were conducted in East Building Sunway College. The improved LNS with the correction factor is called factor model (FM).
Conclusion The accuracy of FM in the distance prediction is improved up to 86 percent as compared to the localization by using the LNS without the suggested factor and there is 90 percent of the chances that the rogue AP is found within 5.34m from its actual position.
References REFERENCES [1] Attewell J. (2017), Bring Your Own Device For Schools. European Schoolnet 2017. [2] Kock D.R and Futcher A.L (2016), Mobile Devices Usage in Educational Institution in South Africa. Information Security for South Africa ISSA 2016, 27-34 [3] Macareg T. (2013). Bring Your Own Device (BYOD): Issues and Implementation In Local Colleges and Universities in the Philippines. Retrieved August 21, 2017, from https://researchgate.net/publication/313649980 [4] Calhoun. (2009). Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Binding for IEEE 802.11. Retrieved March 5, 2015, from https://tools.ietf.org/html/rfc5416 [5] Aruba Network (2013). AirWave VisualRF Location and Mapping : Improving Operations Efficiency Throughout the Wireless Network Lifecycle VisualRF Overview: Making the Airwaves Visible. CA: Aruba Network Inc. [6] Beyah R., Kangude S., Strickland B. and Copeland J. (2004). Rogue Access Point Detection Using Temporal Traffic Characteristics. IEEE Global Telecommunications Conference. 29 Nov - 3 Dec. Dallas: IEEE, 2271 2275. [7] Seidel, S. Y. and Rappaport, T. S. (1992). 914 MHz Path Loss Prediction Models for Indoor Wireless Communications in Multifloored Buildings. IEEE Transaction on Antenna and Propagation.40(2), 207-215. [8] Ringle, Christian M., Wende, Sven, Will, A. (2005). Smart PLS 2.0 M3. Retrieved June 2015 from http://www.smartpls.com.
