Use of Packet Capture (Pcap) Software for Virtual Access Point Correlation

Lutton, Corey E.

Use of Packet Capture (Pcap) Software for Virtual Access Point Correlation

Active / Technical Report | Accession Number: AD1073643 |

Abstract:

Virtual access points VAP are a commonly utilized method to broadcast service set identifiers SSID with different privilege levels from the same access point AP. While research has been focused on securing information transmitted using the IEEE 802.11 standard and the authentication of users on wireless local area networks WLAN, little attention has been given to the security of VAPs utilized on APs to determine whether the presence of a less-privileged, less-secured SSID is a security vulnerability for the AP that hosts it. In this thesis, we collected beacon frames from VAPs hosted on WLAN APs and attempted to correlate VAPs using graph theory and beacon frame characteristics. We discovered that it is possible to correlate beacon frames using the beacon frame timestamp and, to a lesser extent, the received signal strength indicator.

Author(s):

Lutton, Corey E.

Author Organization(s):

NAVAL POSTGRADUATE SCHOOL MONTEREY CA MONTEREY United States

Descriptive Note:

Technical Report

Pagination:

0103

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release;

RECORD

Collection: TR

Subject Terms

Joint Capability Areas:

JCA_6.1.2_Wireless Transmission; JCA_6_Net Centric; JCA_6.1.1_Wired Transmission; JCA_6.1.3_Switching and Routing; JCA_6.1_Information Transport; JCA_5_Command and Control; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_5.2_Understand; JCA_6.4.1_Secure Information Exchange; JCA_5.3_Planning; JCA_6.4_Information Assurance; JCA_1.2.7_Experimentation; JCA_6.2.1_Information Sharing; JCA_6.2.2_Computing Services; JCA_1.2.5_Lessons Learned; JCA_4.3_Maintain; JCA_6.3.1_Optimized Network Functions and Resources; JCA_1_Force Support; JCA_6.2.3_Core Enterprise Services; JCA_6.2_Enterprise Services; JCA_8_Building Partnerships

Modernization Areas:

Cyber; Quantum Science and Computing

Communities of Interest:

Energy and Power Technologies

Descriptor(s):

local area networks, network science, wireless networks, networks, computer science, authentication, computer networks

Field(s)/Group(s):

Computer Systems Management and Standards

Keyword(s):

vap(Virtual access points), AITM(announcement indication traffic map), RSSI(received signal strength indicator), BSSID(basic service set identification), IBSS(independent basic service set), ssid(service set identifiers), wlan(wireless local area networks)

Report Date:

2019 Mar 01

Creation Date:

2019 May 28