JANUS: A Practical MAC Spoofing Detection Framework using Signal Strength Altering
Abstract
MAC spoofing allows for attackers to bypass certain security features and masquerade as another user on a wireless network. Current techniques to identify this attack either require multiple monitoring sources, rely on information that can be faked, or do not take into account how wireless signals spreads out in space. Because of this, current techniques either take up too many resources to run out of a home and small enterprise IoT settings, are prone to attackers bypassing the mechanisms, or are using as many data points as possible. This leaves the detection of MAC spoofing still needing improvement. We propose an approach that utilizes both DBScan and Guassian Mixture Models to find macroscopic and microscopic patterns over time. Thus, we present JANUS, an anomaly-based intrusion detection framework that is able to detect MAC spoofing attacks with a single device without relying on information that can be spoofed with a 92% precision.
Citation
Grimes, Jonathan Nathaniel (2020). JANUS: A Practical MAC Spoofing Detection Framework using Signal Strength Altering. Master's thesis, Texas A&M University. Available electronically from https : / /hdl .handle .net /1969 .1 /191653.