Refocusing in 802.11 Wireless Measurement

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4979)


The edge of the Internet is increasingly wireless. To understand the Internet, one must understand the edge, and yet the measurement of wireless networks poses many new challenges. IEEE 802.11 networks support multiple wireless channels and any monitoring technique involves capturing traffic on each of these channels to gather a representative sample of frames from the network. We call this procedure channel sampling, in which each sniffer visits each channel periodically, resulting in a sample of the traffic on each of the channels.

This sampling approach may be sufficient, for example, for a system administrator or anomaly detection module to observe some unusual behavior in the network. Once an anomaly is detected, however, the administrator may require a more extensive traffic sample, or need to identify the location of an offending device.

We propose a method to allow measurement applications to dynamically modify the sampling strategy, refocusing the monitoring system to pay more attention to certain types of traffic than others. In this paper we show that refocusing is a necessary and promising new technique for wireless measurement.


Wireless Network Dartmouth College Wireless Measurement Wireless Frame USENIX Security Symposium 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Bahl, P., Chandra, R., Padhye, J., Ravindranath, L., Singh, M., Wolman, A., Zill, B.: Enhancing the security of corporate Wi-Fi networks using DAIR. In: Proceedings of MobiSys 2006, Uppsala, Sweden, June 2006, pp. 1–14 (2006)Google Scholar
  3. 3.
    Bahl, P., Padmanabhan, V.N.: RADAR: An in-building RF-based user location and tracking system. In: Proceedings of InfoCom 2006, pp. 775–784 (2000)Google Scholar
  4. 4.
    Bellardo, J., Savage, S.: 802.11 denial-of-service attacks: Real vulnerabilities and practical solutions. In: Proceedings of the Twelfth USENIX Security Symposium, Washington, DC, USA, August 2003, (USENIX Association), pp. 15–28 (2003)Google Scholar
  5. 5.
    Bratus, S., Cornelius, C., Kotz, D., Peebles, D.: Active behavioral fingerprinting of wireless devices. In: Proceedings of the First ACM Conference on Wireless Network Security (WiSec), March 2008, ACM Press, New York (accepted for publication, 2008)Google Scholar
  6. 6.
    Chandra, R., Padhye, J., Wolman, A., Zill, B.: A location-based management system for enterprise wireless LANs. In: Proceedings of the 4th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2007), Cambridge, MA, USA (2007)Google Scholar
  7. 7.
    Cheng, Y.-C., Afanasyev, M., Verkaik, P., Benkö, P., Chiang, J., Snoeren, A.C., Savage, S., Voelker, G.M.: Automating cross-layer diagnosis of enterprise wireless networks. SIGCOMM Comput. Commun. Rev. 37(4), 25–36 (2007)CrossRefGoogle Scholar
  8. 8.
    Cheng, Y.-C., Bellaro, J., Benko, P., Snoeren, A.C., Voelker, G.M., Savage, S.: Jigsaw: Solving the puzzle of enterprise 802.11 analysis. In: Proceedings of SIGCOMM 2006, Pisa, Italy, September 2006, pp. 39–50 (2006)Google Scholar
  9. 9.
    Deshpande, U., Henderson, T., Kotz, D.: Channel sampling strategies for monitoring wireless networks. In: Proceedings of the Second Workshop on Wireless Network Measurements, USA, April 2006, IEEE Computer Society Press, Boston (2006)Google Scholar
  10. 10.
    Jardosh, A.P., Ramachandran, K.N., Almeroth, K.C., Belding-Royer, E.M.: Understanding congestion in IEEE 802.11b wireless networks. In: Proceedings of the 2005 Internet Measurement Conference, Berkeley, CA, USA, October 2005, pp. 279–292 (2005)Google Scholar
  11. 11.
    Kismet wireless sniffer,
  12. 12.
    Mahajan, R., Rodrig, M., Wetherall, D., Zahorjan, J.: Analyzing the MAC-level behavior of wireless networks in the wild. In: Proceedings of SIGCOMM 2006, Pisa, Italy, September 2006, pp. 75–86 (2006)Google Scholar
  13. 13.
    Rodrig, M., Reis, C., Mahajan, R., Wetherall, D., Zahorian, J.: Measurement-based characterization of 802.11 in a hotspot setting. In: Proceedings of the ACM SIGCOMM 2005 Workshop on Experimental Approaches to Wireless Network Design and Analysis (E-WIND-2005), Philadelphia, PA, USA (August 2005)Google Scholar
  14. 14.
    Wireless vulnerabilities & exploits database,
  15. 15.
    Yeo, J., Youssef, M., Henderson, T., Agrawala, A.: An accurate technique for measuring the wireless side of wireless networks. In: Proceedings of the International Workshop on Wireless Traffic Measurements and Modeling, Seattle, WA, USA, June 2005, pp. 13–18 (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  1. 1.Department of Computer Science, Dartmouth CollegeInstitute for Security Technology Studies 
  2. 2.School of Computer Science and Software EngineeringThe University of Western Australia 

Personalised recommendations