Using Radio Device Fingerprinting for the Detection of Impersonation and Sybil Attacks in Wireless Networks

  • Bartlomiej Sieka
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4357)


This paper describes an intrusion detection system to identify impersonation attacks and Sybil attacks in wireless networks. The detection system uses radio device fingerprinting and has experimental performance comparable with existing intrusion detection methods. The detection systems for Sybil attacks have not been widely investigated to date, and this contribution of the paper is novel. The paper also derives analytical formulae relating metrics of the fingerprinting classification procedure with the metrics of the intrusion detection system. The formulae can be used to guide the selection of the fingerprinting classification method, knowing the desired performance of the detection system. The use of radio device fingerprinting simplifies the task of securing a wireless ad-hoc network.


False Alarm Wireless Network False Alarm Rate Intrusion Detection Intrusion Detection System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lunt, T.: Detecting intruders in computer systems. In: Proceedings of the 1993 Conference on Auditing and Computer Technology (1993)Google Scholar
  2. 2.
    Anderson, D., Frivold, T., Valdes, A.: Next-generation intrusion detection expert system (NIDES): A summary. SRI-CSL-95-07 (1995)Google Scholar
  3. 3.
    Ilgun, K., Kemmerer, R., Porras, P.: State transition analysis: A rule-based intrusion detection approach. IEEE Transactions on Software Engineering 21(3), 181–199 (1995)CrossRefGoogle Scholar
  4. 4.
    Kumar, S., Spafford, E.H.: A software architecture to support misuse intrusion detection. In: Proceedings of the 18th National Conference on Information Security, pp. 192–204 (1995)Google Scholar
  5. 5.
    McHugh, J.: Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory. ACM Transactions on Information and System Security 3(4), 262–294 (2000)CrossRefGoogle Scholar
  6. 6.
    Lee, W., Stolfo, S.J.: A framework for constructing features and models for intrusion detection systems. ACM Transactions in Information and Systems Security 3(4), 227–261 (2000)CrossRefGoogle Scholar
  7. 7.
    Vigna, G., Valeur, F., Kemmerer, R.A.: Designing and implementing a family of intrusion detection systems. In: Proceedings of ESEC/FSE 2003, pp. 88–97 (2003)Google Scholar
  8. 8.
    Zhang, Y., Lee, W.: Intrusion detection in wireless ad-hoc networks. In: Proceedings of the MOBICOM 2000, pp. 275–283 (2000)Google Scholar
  9. 9.
    Huang, Y.A., Lee, W.: A cooperative intrusion detection for ad hoc networks. In: Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 135–147 (2003)Google Scholar
  10. 10.
    Zhang, Y., Lee, W., Huang, Y.A.: Intrusion detection for mobile wireless networks. Wireless Networks 9, 545–556 (2003)CrossRefGoogle Scholar
  11. 11.
    Otey, M., Parthasarathy, S., Gothing, A., Li, G., Narravula, S., Panda, D.: Towards NIC-based intrusion detection. In: Proceedings of SIGKDD 2003, pp. 723–728 (2003)Google Scholar
  12. 12.
    Hall, J., Barbeau, M., Kranakis, E.: Enhancing intrusion detection in wireless networks using radio frequency fingerprinting. In: Proceeding of Communications, Internet, and Information Technology (CIIT), St. Thomas, US Virgin Islands, pp. 46–56 (2004)Google Scholar
  13. 13.
    Hall, J., Barbeau, M., Kranakis, E.: Anomaly-based intrusion detection using mobility profiles of public transportation users. In: Proceedings of the IEEE International Conference on Wireless And Mobile Computing, Networking And Communications (WiMob 2005), vol. 2, pp. 17–24 (2005)Google Scholar
  14. 14.
    Hall, J., Barbeau, M., Kranakis, E.: Detecting impersonation attacks in future wireless and mobile networks. In: Proceedings of the Mobile Ad-hoc Networks and Sensors Workshop (MADNES) (2005)Google Scholar
  15. 15.
    de Silva, A., Martins, M., Rocha, B., Loureiro, A., Ruiz, L., Wong, H.: Decentralized intrusion detection in wireless sensor networks. In: Proceedings of Q2SWinet 2005, pp. 16–23 (2005)Google Scholar
  16. 16.
    Newsome, J., Shi, E., Song, D., Perrig, A.: The Sybil attack in sensor networks: Analysis and defenses. In: Third International Symposium on Information Processing in Sensor Networks, IPSN 2004, pp. 259–268 (2004)Google Scholar
  17. 17.
    Ureten, O., Serinken, N.: Bayesian detection of radio transmitter turn-on transients. In: Proceedings of NISP 1999, pp. 830–834 (1999)Google Scholar
  18. 18.
    Ureten, O., Serinken, N.: Detection, characterisation and classification of radio transmitter turn-on transients. In: Proceedings of the NATO ASI on Multisensor Data Fusion, pp. 611–616 (2002)Google Scholar
  19. 19.
    Hall, J., Barbeau, M., Kranakis, E.: Detection of transient in radio frequency fingerprinting using phase characteristics of signals. In: Proceedings of the 3rd IASTED International Conference on Wireless and Optical Communications (WOC), Banff, Alberta, Canada, pp. 13–18 (2003)Google Scholar
  20. 20.
    Tekbas, O., Serinken, N., Ureten, O.: An experimental performance evaluation of a novel radio-transmitter identification system under diverse environmental conditions. Canadian Journal of Electrical and Computer Engineering 29(3), 203–209 (2004)CrossRefGoogle Scholar
  21. 21.
    Ureten, O., Serinken, N.: Bayesian detection of Wi-Fi transmitter RF fingerprints. Electronic Letters 41(6), 373–374 (2005)CrossRefGoogle Scholar
  22. 22.
    Ureten, O., Serinken, N.: Wireless security through RF fingerprinting. Canadian Journal of Electrical and Computer Engineering (2006/2007) (accepted for publication)Google Scholar
  23. 23.
    Sieka, B.: Active fingerprinting of 802.11 devices by timing analysis. In: IEEE CCNC 2006, Las Vegas, NV, USA, pp. 15–19 (2006)Google Scholar
  24. 24.
    Yang, H., Ye, F., Yuan, Y., Lu, S., Arbaugh, W.: Toward resilient security in wireless sensor networks. In: Proceedings of MobiHoc 2005, pp. 34–45 (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Bartlomiej Sieka
    • 1
    • 2
  1. 1.Computer Science DepartmentUniversity of Illinois at Chicago 
  2. 2.Semihalf 

Personalised recommendations