Detecting Impersonation Attacks in Future Wireless and Mobile Networks

  • Michel Barbeau
  • Jyanthi Hall
  • Evangelos Kranakis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4074)


Impersonation attacks in wireless and mobile networks by professional criminal groups are becoming more sophisticated. We confirm with simple risk analysis that impersonation attacks offer attractive incentives to malicious criminals and should therefore be given highest priority in research studies. We also survey our recent investigations on Radio Frequency Fingerprinting and User Mobility Profiles and discuss details of our methodologies for building enhanced intrusion detection systems for future wireless and mobile networks.


Medium Access Control Mobile Network Intrusion Detection Advance Encryption Standard Impersonation Attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aboba, B.: The unofficial 802.11 security web page - security vulnerabilities in EAP methods (May 2005),
  2. 2.
    Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., Levkowetz, H.: Extensible authentication protocol (EAP). The Internet Engineering Task Force - Request for Comments, 3748 (June 2004)Google Scholar
  3. 3.
    Aboba, B., Simon, D.: PPP EAP TLS authentication protocol. The Internet Engineering Task Force - Request for Comments, 2716 (October 1999)Google Scholar
  4. 4.
    Adelstein, F., Alla, P., Joyce, R., Richard III, G.G.: Physically locating wireless intruders. In: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC 2004), pp. 482–489 (2004)Google Scholar
  5. 5.
    WiFi Alliance. Wi-fi protected access (WPA) enhanced security implementation based on ieee p802.11i standard, version 3.1 (August 2004)Google Scholar
  6. 6.
    Barbeau, M., Robert, J.-M.: Perfect identity concealment in UMTS over radio access links. In: Proceedings of the Wireless and Mobile Computing, Networking and Communications, Montreal, Canada (August 2005)Google Scholar
  7. 7.
    Ellis, K.J., Serinken, N.: Characteristics of radio transmitter fingerprints. Radio Science 36, 585–597 (2001)CrossRefGoogle Scholar
  8. 8.
    ETSI. Telecommunications and internet protocol harmonization over networks TIPHON release 4; protocol framework definition; methods and protocols for security; part 1: Threat analysis. Technical Specification ETSI TS 102 165-1 V4.1.1 (2003)Google Scholar
  9. 9.
    Filjar, R., Desic, S.: Architecture of the automatic position reporting system (APRS). In: Proceedings of 46th International Symposium on Electronics in Marine (Elmar), pp. 331–335 (2004)Google Scholar
  10. 10.
    Hall, J.: Anomaly-based Intrusion Detection in Wireless Networks using Device and User-based Profiles. PhD thesis, Carleton University (Fall 2005)Google Scholar
  11. 11.
    Hall, J., Barbeau, M., Kranakis, E.: Detection of Transient in Radio Frequency Fingerprinting using Signal Phase. In: Proceedings of the 3rd IASTED International Conference on Wireless and Optical Communications (WOC 2003), Banff, Canada, pp. 13–18. ACTA Press (July 2003)Google Scholar
  12. 12.
    Hall, J., Barbeau, M., Kranakis, E.: Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In: Proceedings of the 3rd IASTED International Conference on Communications, Internet and Information Technology (CIIT), St. Thomas, U.S. Virgin Islands, pp. 201–206 (November 2004)Google Scholar
  13. 13.
    Hall, J., Barbeau, M., Kranakis, E.: Using mobility profiles for anomaly-based intrusion detection in mobile networks. In: Proceedings of the Wireless and Mobile Computing, Networking and Communications, Montreal, Canada, pp. 22–24 (August 2005), Preliminary version in NDSS 2005 Preconference Workshop on Wireless and Mobile SecurityGoogle Scholar
  14. 14.
    Haverinen, H., Salowey, J.: Extensible authentication protocol method for GSM subscriber identity modules (EAP-SIM). Work in progress (December 2004)Google Scholar
  15. 15.
    Hunter, A.: Feature selection using probabilistic neural networks. Neural Computing and Applications 9, 124–132 (2000)CrossRefGoogle Scholar
  16. 16.
    AirDefense Inc. Accessed in (February 2004),
  17. 17.
    Financial Times Information. Mobile cloning (March 2005)Google Scholar
  18. 18.
    Laing, A.: The Security Mechanism for IEEE 802.11 Wireless Networks (2001),
  19. 19.
    Lane, T., Brodley, C.E.: Temporal sequence learning and data reduction for anomaly detection. ACM Transactions on Information and System Security 2(3), 295–331 (1999)CrossRefGoogle Scholar
  20. 20.
    Ma, W., Fang, Y.: A new location management strategy based on user mobility pattern for wireless networks. In: Proceedings of the 27th Annual Conference on Local Computer Networks (2002)Google Scholar
  21. 21.
    Markoulidakis, J., Lyberopoulos, G., Tsirkas, D., Sykas, E.: Evaluation of location area planning scenarios in future mobile telecommunication systems. Wireless Networks 1 (1995)Google Scholar
  22. 22.
    Netstumbler (Accessed in February 2004),
  23. 23.
    LAN MAN Standards Committee of the IEEE Computer Society, the IEEE Microwave Theory, and Techniques Society. Local and metropolitan area networks - part 16: Air interface for fixed broadband wireless access systems - amendment for physical and medium access control layers for combined fixed and mobile operation in licensed bands. Draft IEEE Standard, IEEE P802.16e/D8-2005 (May 2005)Google Scholar
  24. 24.
    Riezenman, M.J.: Cellular security: better, but foes still lurk. IEEE Spectrum, 39–42 (June 2000)Google Scholar
  25. 25.
    Russell, S.J., Norvig, P.: Artificial Intelligence: A Modern Approach. Prentice-Hall, Englewood Cliffs (2002)Google Scholar
  26. 26.
    Samfat, D., Molva, R.: IDAMN: an intrusion detection architecture for mobile networks. IEEE Journal on Selected Areas in Communications 15(7), 1373–1380 (1997)CrossRefGoogle Scholar
  27. 27.
    Serinken, N., Ureten, O.: Bayesian detection of Wi-Fi transmitter RF fingerprints. Electronic Letters 41(6), 373–374 (2005)CrossRefGoogle Scholar
  28. 28.
    Shaw, D., Kinsner, W.: Multifractal modelling of radio transmitter transients for classification. In: Communications Power and Computing, Winnipeg Manitoba, May 1997, pp. 306–312. IEEE, Los Alamitos (1997)Google Scholar
  29. 29.
    IEEE Computer Society. ANSI/IEEE std 802.11 - wireless LAN medium access control (MAC) and physical layer PHY specifications (1999)Google Scholar
  30. 30.
    IEEE Computer Society. IEEE Std 802.11i-2004 IEEE standard for information technology- telecommunications and information exchange between systems- local and metropolitan area networks- specific requirements part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications amendment 6: Medium access control (MAC) security enhancements. Standard Number IEEE Std. 802.11i-2004 (2004)Google Scholar
  31. 31.
    Spencer, J.: Use of an artificial neural network to detect anomalies in wireless device location for the purpose of intrusion detection. In: Proceedings of the IEEE, SoutheastCon., pp. 686–691 (April 2005)Google Scholar
  32. 32.
    Sun, B., Yu, F.: Mobility-based anomaly detection in cellular mobile networks. In: International Conference on WiSe 2004, Philadelphia, Pennsylvania, USA, pp. 61–69 (2004)Google Scholar
  33. 33.
    Tekbas, O.H., Ureten, O., Serinken, N.: Improvement of transmitter identification system for low SNR transients. Electronic Letters 40(3), 182–183 (2004)CrossRefGoogle Scholar
  34. 34.
    Toonstra, J., Kinsner, W.: Transient analysis and genetic algorithms for classification. In: WESCAN. IEEE, Los Alamitos (1995)Google Scholar
  35. 35.
    Ureten, O., Serinken, N.: Detection of radio transmitter turn-on transients. Electronic Letters 35, 1996–1997 (1999)CrossRefGoogle Scholar
  36. 36.
    Wong, V., Leung, V.: Location management for next generation personal communications networks. IEEE Network, 18–24 (September 2000)Google Scholar
  37. 37.
    Wu, K., Harms, J., Elmallah, E.S.: Profile-based protocols in wireless mobile ad hoc networks. Local Computer Networks, 568–575 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Michel Barbeau
    • 1
  • Jyanthi Hall
    • 1
  • Evangelos Kranakis
    • 1
  1. 1.School of Computer ScienceCarleton UniversityOttawaCanada

Personalised recommendations