sigcomm.org

Transcript

  • 1. DAIR: Dense Array of Inexpensive Radios. Managing Enterprise Wireless Networks Using Desktop Infrastructure. Victor Bahl†, Jitendra Padhye†, Lenin Ravindranath†, Manpreet Singh‡, Alec Wolman†, Brian Zill†. †Microsoft Research, ‡Cornell University
  • 2. Observations
    • Outfitting a desktop PC with 802.11 wireless is becoming very inexpensive
      • Wireless USB dongles are cheap
      • PC motherboards are starting to appear with 802.11 radios built-in
    • Desktop PCs with good wired connectivity are ubiquitous in enterprises
    $6.99!
  • 3. Key Insight
    • Combine to provide a dense deployment of wireless “sensors”
    • We can use this platform to realize the full potential of wireless networks
      • Enterprise wireless management tools
      • Enable new services where wireless is a key component
  • 4. The DAIR Platform
    • Wireless management tools
      • Improve security
      • Reduce IT ops costs
      • Increase “quality of service”
    • New applications and services
      • Location services
      • Seamless roaming
      • Alternative data distribution channel
  • 5. Outline
    • Motivation
    • DAIR architecture
    • Management apps (& Rogue networks)
    • Related work
  • 6. Enterprise WLAN Management
    • Corporations spend a lot on WLAN infrastructure
      • Worldwide enterprise WLAN business expected to grow from $1.1 billion this year to $3.5 billion in 2009
      • MS IT dept. – 72% of costs are people
    • Security and reliability are major concerns
      • Wireless networks are becoming a target for hackers
      • Reliability:
        • MS IT receives ~500 WLAN helpdesk requests per month
        • No easy way to measure cost of reliability problems
  • 7. Advantages of the DAIR Approach
      • High density
        • Wireless propagation is highly variable in enterprise environments (many obstructions)
        • Lots of channels to cover: 11 for 802.11b/g, 13 for 802.11a
        • Improves fidelity of many management tasks
        • Enables accurate location (useful as a diagnosis tool)
      • Stationary sensing
        • Provides predictable coverage
        • Also helps enable location services
        • Allows meaningful historical analysis
      • Desktop resources
        • Spare CPU, disk, and memory
        • Good connectivity to wired network
        • Wall power
  • 8. Outline
    • Motivation
    • DAIR architecture
    • Management apps (& Rogue networks)
    • Related work
  • 9. DAIR Architecture
  • 11. Outline
    • Motivation
    • DAIR architecture
    • Management apps (& Rogue networks)
    • Related work
  • 12. Wireless Management Apps
    • Performance and Reliability
    • Performance monitoring
      • Site planning: AP placement, frequency selection
      • AP Load balancing
      • Isolating performance problems
    • Helping disconnected clients
      • RF Holes
      • Misconfiguration, certificates, etc…
    • Reliability
      • Recovery from malfunctioning APs
      • Recovery from poor association policies
  • 13. Wireless Management: Security Apps
    • Detecting DoS attacks:
      • Spoofing Disassociation
      • Large NAV values
      • Jamming
    • Detecting Rogue Wireless Networks
  • 14. Rogue Wireless Networks
    • Detecting rogue APs and rogue ad-hoc networks
    • An uninformed or careless employee who doesn’t understand (or chooses not to think about) the security implications
      • An employee brings in an AP from home, and attaches it to the corporate network, creating a rogue AP
      • It is trivial to configure a desktop PC with a wireless interface to create a rogue ad-hoc network
  • 15. Risks
    • Attaching unauthorized AP to a corporate network
      • May allow unauthorized wireless clients to gain access
    • A wireless client unknowingly connects to unauthorized AP on unauthorized network
      • May expose corporate information on that network
    • Once rogue network is installed, physical proximity is no longer needed (esp. with directional antennas)…
  • 16. A Simple Solution?
    • Build a database of known:
      • SSIDs (network names)
      • BSSIDs (access point MAC addresses)
    • Use DAIR infrastructure to scan
      • Whenever an unknown entity appears (either SSID or BSSID), raise an alarm
    • This is the level at which most previous work solves this problem
  • 17. False Alarms
    • In many enterprise environments, one can hear other legitimate APs
      • E.g. shared office buildings
    • Is the unknown wireless network connected to your corporate wired network?
  • 18. Testing for Wired Connectivity
    • Association test
      • Associate with suspect AP, contact wired node
    • Mac address tests:
      • First-hop router test
        • Wireless “DEST” = known router on wired network
      • ARP test
        • Wireless “DEST” = known entity on local subnet
    • DHCP signature test
      • For wireless routers: Identify device type through DHCP options
    • Packet correlation test
      • Use timing and packet lengths to see traffic on both wired/wireless
    • Replay test
  • 19. First-Hop Router Test
    • Land Monitor discovers MAC addresses of all subnet routers, submits results to the database
    • AirMonitor overhears a client communicating with an unknown access point
    • [Diagram: Land Monitor, Air Monitor, Subnet Router, Database, Access Point (?), Client]
  • 20. First-Hop Router Test
    • 802.11 Frame (with encryption): Unencrypted Header, Encrypted Payload
    • MAC Addresses: Receiver = Access Point, Transmitter = Client, Destination = Subnet Router
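The first-hop router test from slides 18 to 20, sketched as an added example (not code from the DAIR project): it reads the three MAC addresses from the unencrypted 802.11 data-frame header and flags an unknown BSSID only when the far-end address is a known subnet router. The MAC addresses, set names and result strings are constructed for illustration, and handling the AP-to-client direction is a generalization beyond the slide.

```python
import struct

# Constructed sample data; in DAIR these would come from the database
# (router MACs are submitted by the Land Monitors).
KNOWN_BSSIDS = {"02:00:00:00:10:01"}
ROUTER_MACS = {"02:00:00:00:00:01"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_data_header(frame):
    """Return (bssid, station, far_end) from an 802.11 data frame, else None."""
    if len(frame) < 24:
        return None
    (fc,) = struct.unpack_from("<H", frame, 0)      # frame control, little-endian
    if (fc & 0x3) != 0 or ((fc >> 2) & 0x3) != 2:   # version 0, type 2 = data
        return None
    to_ds, from_ds = bool(fc & 0x0100), bool(fc & 0x0200)
    # The addresses sit in the MAC header, in the clear even if the payload is encrypted.
    a1, a2, a3 = mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22])
    if to_ds and not from_ds:    # client -> AP: receiver=AP, transmitter=client, a3=destination
        return a1, a2, a3
    if from_ds and not to_ds:    # AP -> client: receiver=client, transmitter=AP, a3=source
        return a2, a1, a3
    return None                  # ad-hoc and WDS frames are not handled here

def first_hop_router_test(frame, known_bssids=KNOWN_BSSIDS, routers=ROUTER_MACS):
    hdr = parse_data_header(frame)
    if hdr is None:
        return "not-a-data-frame"
    bssid, _station, far_end = hdr
    if bssid in known_bssids:
        return "authorized"
    # An unknown AP relaying traffic to or from a wired subnet router is on our wire.
    return "rogue-on-wire" if far_end in routers else "unconfirmed"

def build_frame(fc, a1, a2, a3):
    """Build a constructed 24-byte header plus dummy ciphertext for the demo."""
    raw = b"".join(bytes.fromhex(m.replace(":", "")) for m in (a1, a2, a3))
    return struct.pack("<HH", fc, 0) + raw + b"\x00\x00" + b"\xaa" * 16

if __name__ == "__main__":
    client, router = "02:00:00:00:20:01", "02:00:00:00:00:01"
    # 0x4108 = data frame, ToDS set, Protected bit set
    for bssid in ("02:00:00:00:10:01", "02:00:00:00:66:66"):
        print(bssid, first_hop_router_test(build_frame(0x4108, bssid, client, router)))
```

An "unconfirmed" result corresponds to the false-alarm case on slide 17: an unknown AP is audible, but nothing ties it to the corporate wired network.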
  • 21. Outline
    • Motivation
    • DAIR architecture
    • Management apps (& Rogue networks)
    • Related work
  • 22. Current Approaches & Related Research
    • Many commercial offerings in this space
    • Leverage existing access points (APs)
      • AirWave, ManageEngine, …
      • AP’s primary goal is to provide service to clients, limited time listening on other channels
    • Specialized sensors
      • Aruba (MS IT choice), AirDefense, AirTight …
      • Expensive → limited density
    • [Adya et al. Mobicom 04] – use assistance of mobile clients
      • Difficult to provide predictable coverage
      • Less proactive due to energy constraints
    • Other wireless monitoring
  • 23. Wrapping Up…
      • Status
        • Built much of the “plumbing”: AirMonitors, Inferencing Service, Management Console (GUI)
        • Built set of wireless security apps, ongoing evaluation
        • Deployed ~22 AirMonitors on one floor of our building
      • Next 6 months:
        • Performance & reliability apps
        • Provide location services
        • Larger scale deployment
      • Longer Term: going beyond management tools
        • Seamless roaming
        • Self-configuring complete replacement for existing wireless infrastructure
