Passive Listening and Intrusion Management in Commodity Wi-Fi Networks

Abstract

We examine a widely accepted myth about passive listening in wireless networks, and give a detailed description of how to achieve real "passive listening." Then we develop a lightweight intrusion management system called LIMS for commodity Wi-Fi networks. Our system employs novel techniques to increase network resilience to passive and active attacks that could reveal the WEP/WPA-PSK shared key. LIMS has the following nice properties: i) it requires neither specialized hardware nor modification to existing security protocols (e.g, WEP and WPA); ii) the proposed mechanism can be integrated with an access point in a plugin manner; iii) it provides a cost-effective security enhancement to Wi-Fi networks by incorporating free but mature software tools; iv) it has the ability to prevent a certain class of DoS attacks.