Toronto Networking Seminar

Enhancing the Security of Enterprise Wi-Fi Networks Using DAIR

Alec Wolman
Microsoft Research, Redmond

Date:  Friday, November 17,  3pm
Location: BA 1170 (Bahen Center)


We present the DAIR framework for monitoring and managing enterprise wireless networks using desktop infrastructure (DAIR is short for Dense Array of Inexpensive Radios). 
The DAIR solution is based on two simple observations. First, in most enterprise environments, one finds plenty of desktop machines with good wired connectivity, and spare CPU and memory resources. Second, inexpensive USB-based Wi-Fi adapters are commonly available. By attaching these adapters to desktop machines, and dedicating the adapters to the task of monitoring the wireless network, we create a low cost management infrastructure.
We demonstrate the utility of the DAIR framework by describing two security applications we have built with it. The first is detecting rogue wireless devices (e.g., access points) attached to corporate networks, and the second is detecting Denial-of-Service attacks on Wi-Fi networks.  We have deployed these security management applications on a testbed in our building, and over the last year our testbed has grown from 16 to 60 nodes.  Using the testbed, we show that a dense deployment of RF sensors is necessary to provide comprehensive coverage for detecting security breaches.