This paper presents a new MAC (Medium Access Control) spoofing detection algorithm in IEEE 802.11 networks. The proposed algorithm utilizes PLCP (Physical Layer Convergence Protocol) header of IEEE 802.11 frames to differentiate an attacker station from a genuine station. PLCP header of IEEE 802.11 frames maybe change for each frame. It depends on transmission rate adaptation algorithm which is designed by vendors of wireless interfaces driver. The rate adaptation of an attacker station and a genuine station is different depending on adaptive algorithm and environments; therefore it is much harder to forge PLCP header. The experimental results show that the percent of correct detection is 100 percent when the number of monitoring stations located in appropriate positions are only two.
展开▼