Utilising fuzzy logic to detect false access points in Wi-Fi networks

Abstract

IEEE 802.11 (Wi-Fi) is the widely-accepted standard for implementing a Wireless Local Area Network today. Its security mechanism is defined in the IEEE 802.11i standard, which describes a Four-Way Handshake protocol for a wireless Access Point to associate to an Access Point (AP). Many researchers have proposed new protocols by modifying the use of some state variables in IEEE 802.11i. However, these new protocols cannot effectively prevent Access Points from associating to False APs when the False APs perform the Denial of Service (DoS) attack or the Man-in-the-Middle (MiM) attack to disguise themselves as the true APs. Facing the above research challenge, this thesis proposes to utilise Fuzzy Logic to detect such False APs. For this purpose, this thesis presents two algorithms: the Security Swarm Wireless Access (SSWA) algorithm and the Security Swarm Root Access Point (SSRN) algorithm, which can detect whether an AP is a true AP under the DoS attack and the MiM attack scenarios respectively. Both algorithms describe the corresponding attack scenario with a fuzzy logic model, which can derive whether an AP is true. Both algorithms take as inputs the following parameters regarding to Access Points or APs in a Wi-Fi network: the geographic positions, the IEEE 802.11 frames transmitted, the Angles of Arrivals, the Angles of Departures, etc. In both algorithms, the Particle Swarm Optimisation (PSO), a well-known computation technique from bio-inspired computing, is employed to obtain the authenticity of an AP through iterative improvements while Wi-Fi networks are in operation. Finally, the two proposed algorithms are simulated in the Matlab environment, which already includes the implementation of the IEEE 802.11 physical layer and the Fuzzy Logic tool box. Our extensive simulations validate the effectiveness of the proposed SSWA and SSRN algorithms.

Date of Award	2015
Original language	English