5th International ICST Conference on Wireless Internet

Research Article

Countermeasures against MAC address spoofing in public wireless networks using lightweight agents

Download557 downloads
  • @INPROCEEDINGS{10.4108/ICST.WICON2010.8622,
        author={I-Hsuan Huang and Ko-Chen Chang and Yu-Chi Lu and Cheng-Zen Yang},
        title={Countermeasures against MAC address spoofing in public wireless networks using lightweight agents},
        proceedings={5th International ICST Conference on Wireless Internet},
        publisher={IEEE},
        proceedings_a={WICON},
        year={2010},
        month={4},
        keywords={MAC address spoofing public wireless networks lightweight agents},
        doi={10.4108/ICST.WICON2010.8622}
    }
    
  • I-Hsuan Huang
    Ko-Chen Chang
    Yu-Chi Lu
    Cheng-Zen Yang
    Year: 2010
    Countermeasures against MAC address spoofing in public wireless networks using lightweight agents
    WICON
    IEEE
    DOI: 10.4108/ICST.WICON2010.8622
I-Hsuan Huang1,*, Ko-Chen Chang1,*, Yu-Chi Lu1,*, Cheng-Zen Yang1,*
  • 1: Department of Computer Science and Engineering, Yuan Ze University, Chungli, Taiwan, R.O.C.
*Contact email: ihhuang@syslab.cse.yzu.edu.tw, kcchang@syslab.cse.yzu.edu.tw, yclu@syslab.cse.yzu.edu.tw, czyang@syslab.cse.yzu.edu.tw

Abstract

As wireless network usage thrivingly grows, MAC address spoofing recently poses a serious security threat to a public wireless network. In the past, several schemes have been proposed to leverage this problem. However, these previous methods incur high deployment costs in employing countermeasure protocols. In this paper, we present a lightweight agent-based access control framework to counter MAC address spoofing threats. The proposed framework has four operating modes to run according to user needs of system performance and wireless security. Therefore, the framework provides much more flexibility in employing a variety of security protocols, and performance-security trade-offs. With a prototype implementation, the preliminary experimental results indicate that the proposed framework has only 20% performance degradation in burst packet transfer under the most rigorous security consideration, which shows the potential feasibility.