Enhancing
the Security of Enterprise Wi-Fi Networks Using DAIR
Alec
Wolman
Microsoft
Research, Redmond
Date:
Friday, November 17, 3pm
Location: BA 1170 (Bahen Center)
Abstract:
We present
the DAIR framework for monitoring and managing enterprise wireless
networks using desktop infrastructure (DAIR is short for Dense Array of
Inexpensive Radios).
The DAIR solution is based on two simple observations. First, in most
enterprise environments, one finds plenty of desktop machines with good
wired connectivity, and spare CPU and memory resources. Second,
inexpensive USB-based Wi-Fi adapters are commonly available. By
attaching these adapters to desktop machines, and dedicating the
adapters to the task of monitoring the wireless network, we create a
low cost management infrastructure.
We demonstrate the utility of the DAIR framework by describing two
security applications we have built with it. The first is detecting
rogue wireless devices (e.g., access points) attached to corporate
networks, and the second is detecting Denial-of-Service attacks on
Wi-Fi networks. We have deployed these security management
applications on a testbed in our building, and over the last year our
testbed has grown from 16 to 60 nodes. Using the testbed, we
show that a dense deployment of RF sensors is necessary to provide
comprehensive coverage for detecting security breaches.