無線區域網路中非法擷取點之偵測與定位

Abstract

由於近年來無線網路技術日益進步，架設無線網路環境越來越簡單且成本亦趨低廉，使得無線網路的普及率越來越高。由於架設擷取點相當容易，使得有心人士可以利用此私接之擷取點連上骨幹網路，擷取資料或進行攻擊行為。為了偵測出此類非法擷取點，我們提出了一個基於憑證及掃瞄信標的偵測方法，利用檢查擷取點的硬體位址與檢驗憑證的內容來判斷此擷取點是否合法。此外，合法擷取點會定期或隨機掃瞄周遭的頻道以收集來自其他擷取點的信標，並將掃瞄後的結果傳給網路管理者，網路管理者可以透過比對掃瞄結果中是否有未經過檢驗的硬體位址，來判斷環境中是否有非法擷取點的存在。偵測出非法擷取點後，我們利用訊號強弱判斷模組來計算出此非法擷取點的位址。本篇論文，也針對所提出的系統加以實做並評估其效能，以此展示方法的優越性。

As the cost of 802.11 hardware continues decreasing, the case of installing unauthorized wireless access points (APs) into enterprise or school networks grows. These rogue APs expose the WLAN to a breach of security. Most of the current approaches of detecting rogue APs are easily evaded. In this thesis, we proposed the certificate-based and scan-based detection method to detect rogue APs at a central location (Access Router, AR). We determine an AP if rogue or legal by checking its MAC address and then verifying its certificate. Furthermore, the legal APs will scan channels and gather beacon frames from other APs at fixed or random interval, and then send the collected data to network manager. Network manager can discover a rogue AP with MAC address spoofing by comparing the scan results from the legal APs with the legal APs list in AR. After detecting, we utilize signal strength to calculate the location of the rogue AP by propagation model. The proposed methods in this thesis are implemented and the experimental results that are given to show the performance of our approach are superior.