在智能家居环境下基于 CSI 的伪 AP 检测研究

信息安全研究 ›› 2018, Vol. 4 ›› Issue (2): 163-169.

在智能家居环境下基于 CSI 的伪 AP 检测研究

冯鑫¹,胡勇²

1. 四川大学信息安全研究所
2. 四川大学

收稿日期:2018-02-25 出版日期:2018-02-15 发布日期:2018-02-25
通讯作者: 冯鑫
作者简介:冯鑫(1992—)，硕士研究生，主要研究方向为无线安全、Web安全。胡勇(1973—), 博士，副教授，主要研究方向为信息安全。

Research of Rogue AP Detection Based on CSI in Smart Home

Received:2018-02-25 Online:2018-02-15 Published:2018-02-25

摘要/Abstract

摘要： 传统的伪AP检测方式都是基于AP的硬件特征和流量特征来检测，但是这两个特征都容易被攻击者伪造。本文针对在智能家居环境下，鉴于终端和网关的位置都比较稳定，提出一种基于信道状态信息（Channel State Information，CSI）的伪AP检测方法，将伪AP检测问题转化为AP位置检测问题。方法分为搜集阶段和检测阶段。搜集阶段，在安全环境下搜集目标AP的位置信息作为指纹并构建指纹库。在检测阶段，检测当前连接AP的位置信息，并将其与指纹库中的信息做对比，以此来判断当前AP的安全性。经过实验证明，此方法可行，并成功解决了传统的伪AP检测方法容易被绕过的问题。

关键词: 智能家居, CSI, 位置信息, 伪AP检测, 安全性

Abstract: Traditional Rogue AP detection methods are based on AP hardware fingerprint and traffic feature, but these two features are easy to be attacked by the attacker. In this paper, Aiming at the position of the terminal and the gateway is stable under the Smart Home environment,We proposed a CSI-based Rogue AP detection method. This method converted the detection of Rogue AP to the detection of the locations of AP.The method is divided into collection stage and detection stage. In the Collection stage, collecting the target AP location information as a fingerprint and build a fingerprint library in the security environment. In the detection stage,detecting the location information of the current connected AP and comparing with the information in the fingerprint library to determine the security of the current AP. Experiments show that this method is feasible and successfully solved the problem that the traditional Rogue AP detection method is easy to be bypassed.

Key words: Smart Home, CSI, location, Rogue AP detection, security

冯鑫胡勇. 在智能家居环境下基于 CSI 的伪 AP 检测研究[J]. 信息安全研究, 2018, 4(2): 163-169.

参考文献

[1] 王艳,徐渊.物联网或将迎来高速增长[J].中国电信业,2014(2):30-31 [2] 陈伟,顾杨,李晨阳,等.无线钓鱼接入点攻击与检测技术研究综述[J].武汉大学学报(理学版),2014,60(1):13-23 [3] Bratus S,Cornelius C,Kotz D,et al.Active behavioral fingerprinting of wireless devices [C]//Proceedings of the First ACM Conference on Wireless Network Security, 2008:56-61 [4] 朱建明,马建峰.无线局域网安全:方法与技术 [M]. 2版. 北京：机械工业出版社,2009 [5] Wei W,Sun K,Wang B,et al. Passive online Rogue access point detection using sequential hypothesis testing with TCP ACK-pairs[C]. Proceedings of the 7th ACM SIGCOMM conference on Internet measurement. San Diego:ACM,2007:365-378 [6] Ma L,Teymorian A,Cheng X. A hybrid rogue access point protection framework for commodity Wi-Fi networks[C]//Proceedings of IEEE 27th Annual Joint Conference of the IEEE Computer and Communi- cations Societies(INFOCOM 2008). Phonix:IEEE Computer Society Press,2008:1220-1228 [7] 万群,郭贤生,陈章鑫.室内定位理论、方法和应用.北京:电子工业出版社,2012 [8] Yang L,Ho K C. An approximately efficient TDOA localization algorithm in closed-form for locating multiple disjoint sources with erroneous sensor positions[J].Signal Processing,IEEE Transactions on,2009,57(12):4598-4615 [9] Kulakowski P,Vales-Alonso J,Egea-Lopez E,et al.Angle-of-arrival localization based on antenna arrays for wireless sensor networks[J]. Computers & Electrical Engineering,2010,36(6);1181-1186 [10] 寿向晨,徐宏毅.无线传感器网络中RSSI定位算法的设计与实现[J].武汉大学学报(工学版),2015,48(2):284-288 [11] 邓晓华.基于CSI的被动式室内定位与目标技术方法研究[D].杭州电子科技大学,2014 [12] Sen S,Lee J,Kim K H,et al.Avoiding multipath to revive inbuilding wifi localization[C]//Proceeding of the 11th annual international conference on Mobile systems,applications,and services.ACM,2013: 249-262 [13] Halperin D,Hu W,Sheth A,et al.Predictable 802.11 packet delivery from wireless channel measurements[J].ACM SIGCOMM Computer Communication Review,2011,41(4):159-170 [14] WU K S,XIAO J,YI Y,et al.FILA:Fine-grained indoor localization[C] //Proc. IEEE International Conference on Computer Communications (INFOCOM),2012:2210-2218