Keywords: Wireless positioning, WLAN 802.11 intrusion detection. 1. ..... strength measurements are Kismet13, Wellenreiter14, Boingo client15 etc. ⢠VB script.
Implementation of an Intrusion Detection System Based on Wireless Positioning David Akopian, Philip Chen, Maheedhar Gunturu, Phani K. Sagiraju The University of Texas at San Antonio, One UTSA Circle, San Antonio, TX, USA 78249 ABSTRACT WLAN networks are widely deployed and can be used for testbed and application developments in academic environments. This paper presents wireless positioning testbed and a related application implementation methodology as a case study16. Nowadays state-of-the-art WLAN positioning systems achieve high location estimation accuracy. In designated areas the signal profile map can be designed and used for such a positioning. Coverage of WLAN networks is typically wider than the authorized areas and there might be network intrusion attempts from the vicinity areas such as parking lots, cafeterias, etc. In addition to conventional verification and authorization methods, the network can locate the user, verify if his location is in the authorized area and apply additional checks to find the violators. Keywords: Wireless positioning, WLAN 802.11 intrusion detection.
1. INTRODUCTION In the past few years enterprises widely deploy wireless LANs (WLANs). WLAN have such advantages as lower installation costs per user due to reduced wiring and labor costs. Infonetics Research1 reports that worldwide revenue from wireless LAN equipment reached $2.4 billion in 2005, and it is estimated that respectively 57%, 62%, and 72% or small, medium, and large organizations in North America will have deployed WLAN equipment by 2009. At the same time the wide availability of WLAN and healthy adoption in both enterprise and consumer markets drives the efforts to enable such connectivity for broad range of wireless devices including cell phones. According to worldwide WLAN1 phone revenue was $5 billion in 2006, and its projected to post double-digit growth every year through 2010, when it will top $145 billion, as WLAN is incorporated into a growing range of mobile phones. Dualmode WLAN/cellular phone sales are forecast to grow at a solid annual rate of 31% from 2006 to 2010. Access control in wired networks is facilitated by the physical localization of cables and the possibility to protect Internet/Ethernet ports inside buildings by security personnel and equipment. As WLAN technology widely penetrates the enterprise and consumer markets the access control becomes a challenging problem as wireless signals typically propagate beyond physical boundaries of the security controlled areas. For security purposes low cost installations may leave their wireless links open, hide network names (SSIDs in 802.11 WLAN) or use MAC address lists. For higher security higher cost installations include mechanisms with passwords or private keys, including authentication protocols2,3,4. User access approvals and cancellations, management of access rights, key management and other mechanisms increase management costs. Many WLAN installations operate with insecure configurations and open for various types of network abuse. It is also recognized that link-layer authentication mechanisms will not protect against a large class of denial-of-service attacks based on identity spoofing because these services identify clients using only their MAC addresses, which can be easily forged despite the established session keys5. Attackers can also submit high rates of requests in order to overload a shared authentication server. In summary, while WLAN is being broadly accepted still other cheaper and effective solutions should be found to secure proper network access.
2. LOCALIZATION IN WIRELESS NETWORKS The goal of this paper is to implement a system which identifies the location of users in WLAN networks to identify outof-authorized-area attempts to access wireless networks16. We also envision a testbed which can serve for evaluating performances of different methods16. Most of the existing WLAN localization technologies are based on the fact that standard Wi-Fi devices are able to measure, on a frame-level basis, wireless transmission properties such as signal strength and noise levels of the access points. For example, all IEEE 802.11 systems provide such measurements Mobile Multimedia/Image Processing, Security, and Applications 2008 edited by Sos S. Agaian, Sabah A. Jassim, Proc. of SPIE Vol. 6982 698205, (2008) · 0277-786X/08/$18 · doi: 10.1117/12.777815 Proc. of SPIE Vol. 6982 698205-1 2008 SPIE Digital Library -- Subscriber Archive Copy
referred as RSSI (Received Signal Strength Indicator). Typically parameters like signal strength pattern are used to compute the position of tracked wireless devices as RSSI based systems can be easily deployed. Examples of first WLAN positioning systems are RADAR6,7 and SpotON8 which have shown the feasibility of localization using RSSI WLAN measurements. In an experiment with 3 access points in a 43.5 m × 22.5 m service area RADAR system achieved a localization error lower than 3 meters (the Euclidean distance between real and estimated locations). These are examples of triangulation techniques. Project Aura at Carnegie Mellon University [9] developed CMU-PM algorithm based on matching techniques which provide better accuracy than triangulation based methods, although CMU-PM requires considerable training overhead. We next describe a conventional probabilistic method for estimating user position in wireless network. The method consists of two steps (1) training; (2) positioning. During training stage signal profiles are measured on a grid of locations. A statistical model is used to model the system. For example, assuming Gaussian measurement distribution, one can estimate mean and variance at each grid point using multiple observations. A statistical model is designed for all the points on the grid. Alternatively different observation sets can be combined as a weighted sum of several equally weighted Gaussian kernel functions at locations L . A conditional probability and Bayesian inference can be used to estimate location. At a particular fingerprint location on the map, n RSS samples are taken from a single access point. Each sample is assumed to be Gaussian distributed with a mean of ρ and a measured standard deviation of σ . The resulting likelihood function is the weighted sum of n equally weighted Gaussian kernel functions at a particular location is P( L | F ) =
⎛ ( s − ρi )2 1 n ⎡ 1 ⎢ ⎜− exp ∑ ⎜ 2σ 2 n i =1 ⎢ 2πσ ⎝ ⎣
⎞⎤ ⎟⎥ ⎟⎥ ⎠⎦
Taking into account multiple access points and assuming that they are independent of each other, we can estimate the conditional probability P ( F | L) = P ( s1 | L) P ( s2 | L) L P( sN | L) . It is then possible to estimate a posteriori distribution of
a particular location. Assuming that the a priori probability P ( L ) of each location is known (initially could be equally likely), we can apply Bayes’ rule to find the conditional probability of the location, L given the fingerprint F P( L | F ) =
P ( F | L) P ( L ) P(F )
=
∑
P ( F | L) P ( L ) k ∈L
P ( F | Lk ) P ( Lk )
Hence this method would select the location fingerprint that has the highest estimated posterior probability. In the method described above it is sufficient if we store the mean and standard deviation of the RSS from each access point. It is assumed that the probability of the received signal is a Gaussian distribution. We also used a similar method when the whole distribution of the RSS from every access point is saved instead of their means and standard deviations. It provides more accurate results at the expense of more computations. To determine the location of the user, we compare the RSS at any location to the signal profiles/fingerprints map and find the most likely solution through pattern recognition. As a reference and positioning engine we use a commercially available system from Ekahau10. The Ekahau system operation can be summarized as: 1.
Tracked Devices Measure Received Signal Strength Indicators (RSSI) using a Site Survey Tool.
2.
The RSSI signal values are stored in the Ekahau Positioning Engine (EPE).
3.
EPE Matches the RSSI pattern to values stored in the positioning model.
4.
EPE uses probabilistic algorithm for calculating location estimates.
5.
EPE sends location estimates to applications like The Tracker and The Finder to report user positions.
Ekahau has some unique features which help in achieving a high accuracy of the order 9ft10. Once we finish surveying the required zone then the model is stored into the positioning engine. The positioning engine normalizes the RSSI values as different network adapters have different localized values. Then the model is set as active. Now when a WI-FI
Proc. of SPIE Vol. 6982 698205-2
device moves in the zone then RSSI values are transmitted to the positioning engine. The positioning engine compares these values to the RSSI values stored in the engine and uses the position detecting algorithm and gives out an approximate position location estimate. This data about the position of the WI-FI enabled device is given in the form of an XML response. The WI-FI devices update the positioning engine of their location by sending RSSI signals to the nearest access point, which reach the EPE and this data is sent to the position detecting algorithm which computes the position of the WI-FI device.
3. ZONE SPECIFIC LOCATION MONITORING OF A WLAN ENABLED DEVICE We developed an application for authenticating WiFi (802.11) enabled devices. The application helps in identifying if the user accessing the Wireless LAN is inside the permissible zone or outside. The administrator has the capability of determining the permissible zone and after validating the WI-FI device the administrator can monitor the movements of a Wi-Fi device. 3.1 Architecture of the Application The Zone Specific location Monitoring application was coded in Visual Studio 200511 by the third author. The developed system is MS Windows application and should be installed in the server. The main purpose of the application is to track the client periodically at very short intervals and to validate the position of the client with the predefined boundaries defined by the user. The application poses a query to the positioning engine and the positioning engine gives out an XML response which has the data related to the position of the client being tracked. The query has a fixed format which includes the tag ID or the MAC ID of the device that is being tracked. Then the application reads in the required information from the XML response and the position of the client or tag is updated. A constant update of the client’s position is obtained with the help of a timer which updates the position of the Client. The following are the steps in the implementation. 1) Uploading the map of the zone that is being monitored through the browse button and then the press the upload button. 2) The administrator or the user of the application has the ability to determine the legal zone by pressing the button “Define the legal zone”. After defining the permissible Zone, the area can be viewed by pressing the button “Now show the zone”. 3) The Position feeds of the client can be fed to the application in two ways, either it can be inputted through the API or the co-ordinates of the user are automatically acquired from the Ekahau or similar software which continuously tracks the client. The position of the client is obtained by querying the positioning engine with the help of a timer which has a re-sampling interval of 1000 milliseconds. 4) The output of the query is an xml response and can be read into the application which is coded in Visual Studio Dot Net 2005 and the position of the client is shown on the GUI. 5) Next is the user validation phase, there are two ways by which the administrator can validate if the user is in the permissible zone or outside the permissible zone. 6) On clicking the “Is He a legal User” button which would use the Zone Specific client location validation algorithm and determine if the client is legal user or an illegal user. 7) The “Alarm Button” also helps in determining if the client is a legal of an illegal user. If the color of the Alarm button is green then it indicates that the user is inside the legal Zone and if the color of the Alarm button is red then it indicates that the user is outside the legal zone. The color of the Alarm button is determined using the Zone Specific client location validation Algorithm 8) After the user-zone validation we can obtain the Name and the Mac- ID of the wireless device trying to access the wireless LAN by pressing the “Get User Details” and the network administrator can disconnect the ill-legal user from further connectivity.
Proc. of SPIE Vol. 6982 698205-3
ga/Zone
dcce Point — Legal Zone
f-i
Fig. 1. The illustration of zone specific monitoring
location dtha ,v/aled to signal strength mop
dsngth
XML
signal strength
infonnañon
RFszgnaltmnsmisszon
RFsignaltransmission
Beacon
Beacon
Fig. 2. The Architecture of zone specific location monitoring of a Wi-Fi
Proc. of SPIE Vol. 6982 698205-4
-
rro€hinqepphtotiew
.=mL2sJ
UploadMap:
Rnnnt!
ItOoc.im.ni. md BMflng.IQ m644.Sop.lmh.. PPoj.M.p.f..oo UpI©d
New Show the Zene
Define The Legal Zone
Un,D&: EnterX Co-ordinate:
EntervCo-ordinale:
r
.2sJ
Gntee-e,dinotnnl,enrEkthon OK
Iflflhi
2
3
4
K
7
4
4
17
Fig. 3. A screen shot of the GUI when the client is in the defined zone
____________
JQLJ
Trasking ApnIicetInn
UploadMap:
Rnsnt!
ItOoc.im.n1. md BMflng.IQ m644.Sop.lmh.. PPoj.M.p.f..oo UpI©sd
New Show the Zene
Define The Legal Zone
Urr, Dris
,r— j
EnterxCo-ordinate:
I
EntervCo-ordinale:
I
OK
Gntse-e,dinotnst,eniEkthon
I
____________________________
er.r DD :6
Is He a legal User?
Iflflhl
2
3
4
6
K
7
6
6
16
Get User Details-
I
Fig. 4. A screen shot of the GUI with the user details i.e. the name and the MAC-ID of the laptop
3.2 Performance There are some limitations which affect the accuracy of the algorithm. They can be stated as follows:
Proc. of SPIE Vol. 6982 698205-5
1) We did not acknowledge the effect of different motion patterns on the accuracy of the location estimate of the client. The system does not respond to quick or sudden changes in the direction or speed of motion of the client. 2) Change in the signal strength or signal pattern due to external reasons affects the accuracy. Accuracy is poor when the strength of the signals is low. 3) RSSI values as perceived by the client are easily affected by any change in the surroundings which makes the set-up very delicate. Table 1 shows the variation in the error value of the location estimate with respect to time and also gives an approximate probability of a false alarm. Table 2 shows the response time or the delay for a change in the position of the client in the GUI when the actual client moves in the zone. Error values are because of noisy RSS measurements from access points. Typical day time variation from one access point is shown in Figure 5. Table 1. Variations in the error value for a sample experiment Position of Position-1 Position-2 Position -3 Position -4 Position -5 Position -6 Position -7 Position -8 Position -9 Position -10 Position -11 Position-12 Summary
the
Error values of the Position of the client at specific time instants( iAfter10 f ) sec After 30 sec After 1 minute After 5 minutes 8 6 9 8 5 6 4 5 7.5 6 5 6 7 8 5 9 6.75 6.5 6.25 6.25 8.75 9.75 10.5 9.75 7 6 5.8 5 2 3.25 2 3 2.5 3 2 4.5 3.5 1.5 2.5 3 3.5 2.5 1.5 4.5 5 4 3 4.5 5.4 5.3 4.7 5.7
Table 2. Response time or the delay for a change in the position of the client Position of the Client Position 1-> Position 2 Position 2-> Position 3 Position 3-> Position 4 Position 4-> Position 5 Position 5-> Position 6 Position 6-> Position 7 Position 7-> Position 8 Position 8-> Position 9 Position 9-> Position 10 Position 10-> Position 11 Position 11-> Position 12 Position 12-> Position 11 Mean response time
Response time (in sec) 6 3 4 3 5 3 5 4 3 3 5 4 4
Proc. of SPIE Vol. 6982 698205-6
Did the validation Algorithm work No Yes Yes Yes Yes No Yes Yes Yes No Yes Yes Success percentage of 75%
Fig. 5. The variations in Signal to noise ratio of one access point (Mac ID - 00-11-20 52-D8-40) at position 1
The Position Estimation and Tracking of a WI-FI enabled device with Zone Specific monitoring of a Location using standard Wireless networks (802.11) for enhanced Security applications is implemented and tested. We obtained the accuracy of the order 3-9ft for tracking in indoor environments.
4. WIFI POSITIONING TESTBED The Position of a WI-FI enabled device using the Standard Wireless networks (802.11) can be computed by many algorithms and this section describes development of an environment which can facilitate testing and analysis of algorithms. The Ekahau system is connected to serve as a reference system. The present alternative positioning system is based on a pattern matching algorithm and software providing signal strength measurements and MAC IDs (Network Stumbler®). As with other pattern matching system the area is surveyed to generate a pattern database. The offline phase consists surveying the entire zone. During the survey stage, radio signatures of various access points at different locations are acquired by measuring the RSS values. . Equally spaced points with a distance of 5 ft are marked in the zone and they are referred to as reference points. We use an open source software called NetStumbler12 to obtain the RSS values at the reference points. NetStumbler is scripting enabled, so using a VBScript we store the RSS data into a database. To analyze the data obtained we calculate the mean of the signal strengths at each access point and also compute the variance. This is called as a Reference carpet and is used for further comparisons. Collecting the reference data is the major action performed during the training phase. The reference data was collected for a period of 7 minutes at each reference point at a rate of two samples per second. The data was collected in intervals of 1 minute i.e. for every one minute of data collected we take an interval of one minute and then resume collecting data. This is done as it avoids the case of missing the radio signature of a hibernating access point which wakes up in due time. The online phase consists of retrieving the data related to the signal strengths from the NetStumbler software and inserting it into a database. We compare the data obtained during the tracking phase to the reference data obtained during the survey phase using various algorithmic approaches to obtain the position of the WI-FI enabled device. 4.1 Testbed Setup An experimental setup was established in the lab BSE 2.210 on the second floor of the BSE building in the Department of Electrical Engineering, at The University of Texas At San Antonio. The layout the lab is shown in Figure 1.
Fig. 6. Floor plan of the experimental setup, BSE 2.210 at the UTSA
Proc. of SPIE Vol. 6982 698205-7
Access points mounted at different locations in the second floor of the BSE building were considered. The access points act as wireless signal transmitters and receivers. We used a Dell Inspiron 600m (OS: WINDOWS XP Professional) as the WI-FI device that is being tracked. An Intel® PRO/wireless 2915ABG wireless card was used as the network card. The network cards synchronize with the network and they measure the signal strength (SS) from the Access Points. The 802.11b/g (‘Wi-Fi’) protocol is used in this system. 4.2 Software Design and Development Our wireless positioning and tracking with a pattern matching approach package consists of several modules working together on the .Net platform. We get the signal strengths from the Network stumbler software and then import this data with the help of a VB script into a Microsoft SQL server database and then apply our positioning algorithm and determine the position of the WI-FI user. The system architecture components are described next and illustrated in Fig. 8.
TTh
BSEB Level 2
rn
__ —
•H
U
Ml
Fig. 7. Location of the access points mounted and used for the experiment
The Intrusion Detection application consists of several modules working together on the .Net platform. The data related to the signal strengths is obtained from the Network stumbler software. Then it is imported into a database with the help of a VB script. We determine the position of the WI-FI user by applying our positioning algorithms to the RSS data. Then the intrusion detection algorithm is applied to validate the legality of the position of Wi-Fi device. The system architecture components are described next and illustrated in Fig. 2. • Ekahau Technology®. Ekahau is Wi-Fi based positioning technology which uses the already established Wi-Fi set up to estimate the position of Wi-Fi enabled devices. We use Ekahau in our application as a reference system. When the Ekahau system is queried about the position of a tag it outputs an xml response which contains data related to the position of the Wi-Fi tag and it’s Mac ID. We read the XML information into our application and position the tag accordingly. The Ekahau positioning system is queried periodically to obtain the position update. • Network Stumbler®. NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It is used for many purposes, like to verify whether the network is set up as intended, find locations with poor coverage in WLAN network, detect other networks that may be causing interference, detect unauthorized "rogue" access points in your workplace, help aim directional antennas for long-haul WLAN links, use it recreationally for WarDriving. In our project we use NetStumbler to measure the signal strengths and the noise levels of all the access points visible at each point and use the data to estimate the position and track a Wi-Fi enabled device that is using the standard 802.11 a/b/g. Other software examples which provide the signal strength measurements are Kismet13, Wellenreiter14, Boingo client15 etc. • VB script. Network Stumbler is scripting enabled, so, a VB Script is attached to the NetStumbler software to export the data into a file which contains the information related to the signal strengths, noise and the Mac Id of the access
Proc. of SPIE Vol. 6982 698205-8
points. The implemented VB script ‘nts_excel.vbs’ exports this data from Net Stumbler into an Excel file ‘ap.xls’. This file is updated every 560 milliseconds.
)
Corn pans oii Darn
Fig. 8. Software architecture of the application Signal Strengths OF Acess points
macid
Path St the Map
--
I cignaV
80 I0:\D0000ento and Settingo\phanihriohna.oagiraj.UTS 4
Uphad
00h12052F010
55
000825F88EE0
51
001120520840
83
00112052F010
55
000825F88EE0
51
001121 830A30
37
00112052E170
28
Teot Datahapeponneption
kahat' 1eosilion
•
Start Trapk'ng the Laptop
I
Anne'aI posinio'e Posinioie winh our Progra ill
I Stop Traphrog the Laptop
cloce
(a)
(b)
Fig. 9. (a) The GUI of the application. An example of parallel operation of the reference system (Ekahau) and our alternative solution. (b) A screen shot of the GUI which gives a list of access points and their corresponding signal strengths.
• The Application. The interface of The Intrusion detection application was coded in VB.Net. It allows uploading the map of the zone where the WI-enabled device is present. When the user clicks on the ‘Start Tracking the Laptop’ button all the timers are initiated and the data from the excel file is pushed into the buffer table in the database. The timer is run every one second and so all the data which is exported from the Network stumbler software is imported into the database. The timer then initiates a stored procedure which collects the last thirteen snapshots of the data from the buffer table and inserts them into the trial data table, which is used for the location estimation. This is done to calculate the latest position update of the WI-FI enabled device using only the last few signal strengths of various access points. The second timer initiates a comparison of trial data and the reference data that has been collected prior
Proc. of SPIE Vol. 6982 698205-9
to the deployment of this program. The comparison is done with the help of the stored procedures that are stored in the database. Then a pattern matching (or) probabilistic approach is chosen according to the user preference and we select the position based on the number of matches of the trial data with the reference data. • Database:The data present in the excel file ‘ap.xls’ is read into a buffer table in Microsoft SQL server 2005 database with the help of a timer which is run in the VB.NET program. So all the data present in the excel file would come into the database buffer. This also has an extra parameter added which describes the scan sequence i.e. it has an additional parameter which mentions the number of data snapshots which describes the order of the data and we use this parameter to obtain the latest signal strengths transmitted by the user. Then the last thirteen snapshots of data are inserted into the trial table in the database. All the data is analyzed with the help of the stored procedures and all the comparison data is sent back to the vb.net program. The reference point with the highest number of matches is assumed to be the most probable position of the laptop.
5. POINT POSITIONING WITH RESPECT TO A POLYGON In general the authorized areas may have arbitrary shapes and one should address the issue of a relative placement of a user with an identified location with the specified areas on the map. We approximate the area of the interest by a polygon. Next we determine if the user location (x, y) is inside or outside the polygon (see Fig. 10a). We place the spatial origin to the user location. Then the number of intersections of either the positive or the negative sections of the y-coordinate axis will indicate the relative alignment of the user and the polygon. F?
Fl - F6
F?
Fig. 10. Relative location of vertices and the user are used to determine if the user is inside or outside the area of interest.
If the x-coordinates of two consecutive vertex points change in sign then there is an intersection of the line-segment connecting these consecutive vertex points and the y (vertical) axis. The intersection point is computed as
y* =
(
∗
∗
where x , y
y2( x0 − x1) + y1( x2 − x0) x2 − x1
)
represents the point of intersection of the line joining the two vertices and the vertical axis, ( x0 , y0 )
represents the location of the user, and
( x1, y1 ) , ( x2 , y2 )
are locations of two polygon vertices. The number of ∗
intersections above or below spatial origin (positive or negative y should be odd to decide if the user is inside the polygon.
Proc. of SPIE Vol. 6982 698205-10
6. CONCLUSIONS In this paper we presented an implementation methodology for WLAN location systems and applications. WLAN systems are available at almost all university campuses and we demonstrated how to use this easily accessible network for various experimentation needs. An experimental testbed for comparative analysis of various WLAN positioning systems is designed and an enhanced WLAN authentication approach has been implemented. User locations are used for various location based services (LBS) and the proposed solutions will help the community to exploit user locations in their applications.
7. ACKNOWLEDGMENT The authors would like to thank S.P. Kiran Yerubandi for the help. REFERENCES [1] [2] [3]
Infonetics Research. http://www.infonetics.com/. Accessed Feb 18, 2008. B. Aboba and D. Simon. PPP EAP TLS Authentication Protocol, RFC2716, IETF. October 1999. Paul Funk and Simon Blake-Wilson. EAP Tunneled TLS Authentication Protocol Version 1 (EAP-TTLSv1), Internet Draft, IETF. draft-funk-eap-ttls-v1-01.txt, March 2006. [4] Ashwin Palekar, Dan Simon, Glen Zorn, Joe Salowey, Hao Zhou, and S. Josefsson. Protected EAP Protocol (PEAP) Version 2, Internet Draft, IETF. draft-josefssonpppext-eap-tls-eap-07.txt, October 2003. [5] John Bellardo and Stefan Savage, “802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions,” In Proceedings of the USENIX Security Symposium, Washington, DC, USA, August 2003. [6] Paramvir Bahl and Venkata N. Padmanabhan, “RADAR: An In-Building RF-Based User Location and Tracking System,” In Proc. of the 19th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM'00), Tel-Aviv, Israel, March 2000. [7] Paramvir Bahl, Venkata N. Padmanabhan, and A. Balachandran, “Enhancements to the RADAR User Location and Tracking System,” Technical Report MSR-TR-00-12, Microsoft Research, February 2000. [8] Je_rey Hightower, RoyWant, and Gaetano Borriello, “SpotON: An Indoor 3D Location Sensing Technology Based on RF Signal Strength,” Technical Report UW CSE 2000-02-02, University of Washington, February 2000. [9] Dan Garlan, Daniel P. Siewiorek, Asim Smailagic, and Peter Steenkiste, “Project aura: Toward distraction-free pervasive computing,” IEEE Pervasive Computing, 1(2):22-31, April 2002. [10] Documentation from the website of Ekahau, http://www.ekahau.com. Accessed Feb 18, 2008. [11] The MSDN Library is an essential resource for developers using Microsoft tools, products, and technologies.www.msdn.com. Accessed Feb 18, 2008. [12] Network Stumbler at http://www.netstumbler.com/ as an open source RSSI measurement software. Accessed Feb 18, 2008.
[13] Kismet wireless at http://www.kismetwireless.net/. Open source 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Accessed Feb 18, 2008. [14] Wellenreiter - GTK/Perl open source software that makes the discovery, penetration and auditing of 802.11b wireless networks at http://wellenreiter.sourceforge.net/ . Accessed Feb 18, 2008. [15] Boingo client. http://www.boingo.com/partner/carrier4.html. Accessed Feb. 18, 2008. [16] D. Akopian and P. Chen, “Using wireless positioning technologies for intrusion detection,” White Paper for the Centre of Information Assurance and Security, UTSA, 2006.
Proc. of SPIE Vol. 6982 698205-11
