The Journal of Korean Institute of Communications and Information Sciences (한국통신학회논문지)

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지
DOI QR코드

DOI QR Code

A Whitelist-Based Scheme for Detecting and Preventing Unauthorized AP Access Using Mobile Device

모바일 단말을 이용한 Whitelist 기반 비인가 AP 탐지 및 접속 차단 기법

  • 박정수 (숭실대학교 전자공학과 통신망보안 연구실) ;
  • 박민호 (숭실대학교 정보통신전자공학부) ;
  • 정수환 (숭실대학교 정보통신전자공학부 통신망보안 연구실)
  • Received : 2013.04.25
  • Accepted : 2013.08.14
  • Published : 2013.08.30
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we proposed a system in a wireless LAN environment in case of security threats, the mobile terminal and the remote server-based WLAN security. The security of the wireless LAN environment in the recent technology in a variety of ways have been proposed and many products are being launched such as WIPS and DLP. However, these products are expensive and difficult to manage so very difficult to use in small businesses. Therefore, in this paper, we propose a security system, wireless LAN-based terminal and a remote server using whitelist according to development BYOD market and smartphone hardware. The proposed system that AP and personal device information to be stored on the server by an administrator and Application installed on a personal device alone, it has the advantage that can be Applicationlied to a variety of wireless network environment.

본 논문에서는 무선랜 환경의 보안위협에 대비해 모바일 단말 및 원격서버 기반의 무선랜 보안 시스템을 제안 한다. 최근 무선랜 환경에서의 보안기술은 다양한 방식으로 제안되고 있으며, WIPS, DLP등 많은 제품들이 출시되고 있다. 하지만 이러한 제품들은 가격이 비싸고, 관리가 힘들다는 점에서 소규모 기업에서는 사용하기가 힘든 실정이다. 따라서 본 논문에서는 BYOD 시장의 발달과 스마트폰 하드웨어의 발전에 맞춰 whitelist를 이용한 단말 및 원격서버 기반의 무선랜 보안 시스템을 제안한다. 제안하는 시스템은 관리자에 의해 AP 및 개인 device에 대한 정보가 서버에 저장되고, 개인의 device에 Application설치만으로도 다양한 무선 네트워크 환경에 적용할 수 있는 장점이 있다.

Keywords

References

  1. H. Han, B. Sheng, C. C. Tan, Q. Li, and S. Lu, "A timing-based scheme for rogue AP detection," IEEE Trans. Parallel Distrib. Syst., vol. 22, no. 11, pp. 1912-1925, Nov. 2011. https://doi.org/10.1109/TPDS.2011.125
  2. J. Burke, B. Hartselle, B. Kneuven, and B. Morgan, Wireless security attacks and defense, Retrieved May 2006, from http://http://www.windowsecurity.com/whitepapers/Wireless_Security/Wireless-Security-Attacks-Defenses.html.
  3. D. Inoue, R. Nomura, and M. Kuroda, "Transient MAC address scheme for untraceability and DOS attack resiliency on wireless network," in Proc. Wireless Telecommun. Symp., pp. 15-23, Pomona, U.S.A., Apr. 2005.
  4. H. Hwang, G. Jung, K. Sohn, and S. Park "A study on MITM(Man in the Middle) vulnerability in wireless network using 802.1X and EAP," in Proc. Int. Conf. Inform. Sci. Security (ICISS '08), pp. 164-170, Hyderabad, India, Jan. 2008.
  5. AirTight Network, "Airtight network wireless security," AirTight White Paper, 2012.
  6. L. Liu, R. Moulic, and D. Shea, "Cloud service portal for mobile device management," in Proc. IEEE 7th Int. Conf. e-Business Eng. (ICEBE), pp. 474-478, Shanghai, China, Nov. 2010.
  7. A. Scarfò, "New security perspectives around BYOD," in Proc. 7th Int. Conf. Broadband, Wireless Computing, Commun., Applicat. (BWCCA), pp. 446-451, Victoria, Canada, Nov. 2012.
  8. G. Chen, H. Yao, and Z. Wang, "An intelligent WLAN intrusion prevention system based on signature detection and plan recognition," In Proc. 2nd Int. Conf. Future Networks (ICFN '10), pp. 168-172, Sanya, China, Jan. 2010.
  9. H.-W. Lee and C.-W. Choi, "Development of malicious traffic detection and prevention system by embedded module on wireless LAN access point," J. Korea Contents Assoc. (KOCON), vol. 6, no. 12, pp. 29-39, Dec. 2006.