USE OF PACKET CAPTURE (PCAP) SOFTWARE FOR VIRTUAL ACCESS POINT CORRELATION
Loading...
Authors
Lutton, Corey E.
Subjects
virtual access point correlation
VAP correlation
IEEE 802.11
wireless
WIFI
graph theory
packet capture
Wireshark
Tshark
Gephi
VAP correlation
IEEE 802.11
wireless
WIFI
graph theory
packet capture
Wireshark
Tshark
Gephi
Advisors
Michael, James B.
Roth, John D.
Date of Issue
2019-03
Date
Publisher
Monterey, CA; Naval Postgraduate School
Language
Abstract
Virtual access points (VAP) are a commonly utilized method to broadcast service set identifiers (SSID) with different privilege levels from the same access point (AP). While research has been focused on securing information transmitted using the IEEE 802.11 standard and the authentication of users on wireless local area networks (WLAN), little attention has been given to the security of VAPs utilized on APs to determine whether the presence of a less-privileged, less-secured SSID is a security vulnerability for the AP that hosts it. In this thesis, we collected beacon frames from VAPs hosted on WLAN APs and attempted to correlate VAPs using graph theory and beacon frame characteristics. We discovered that it is possible to correlate beacon frames using the beacon frame timestamp and, to a lesser extent, the received signal strength indicator.
Type
Thesis
Description
Series/Report No
Department
Computer Science (CS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.