Invisible Scout: A Layer 2 Anomaly System for Detecting Rogue Access Point (RAP)

Citation

Arisandi, Diki and Ahmad, Nazrul M. and Kannan, Subarmaniam (2025) Invisible Scout: A Layer 2 Anomaly System for Detecting Rogue Access Point (RAP). Emerging Science Journal, 9 (1). pp. 284-310. ISSN 2610-9182

2723-8551-1-PB.pdf - Published Version
Restricted to Repository staff only


Abstract

Rogue Access Points (RAPs) pose a significant security threat by mimicking legitimate Wi-Fi networks and potentially compromising sensitive data. To address this issue, this research has proposed an innovative mechanism called Invisible Scout, which uses a multi-module system to identify RAPs. This study aimed to develop and validate a mechanism capable of accurately detecting RAPs in controlled setups, real-world environments, and under de-authentication attack scenarios. The proposed system consists of four key modules: sniffer, detection, probing, and comparison. To evaluate its effectiveness, tests were conducted in controlled and open environments and under de-authentication scenarios, using decision tree models and various metrics to assess performance. The decision tree model showed promising results in the controlled setup, achieving an Area Under the Curve (AUC) score of 0.921 and classification accuracy (CA) of 0.875, indicating that the model effectively distinguished between legitimate access points and RAPs. When tested in an open environment, the model's performance improved, achieving an AUC score of 0.952 and a CA of 0.994. Furthermore, under a de-authentication attack, the model achieved an AUC score of 0.955 and a CA of 0.996. To gain a deeper understanding of RAP behaviors, linear regression analysis was conducted, revealing patterns and visualizing the existence of RAPs, which could assist in further analysis. In conclusion, the results demonstrated that the proposed mechanism was highly effective in identifying RAPs. Future research should focus on refining the detection mechanism, incorporating real-time response capabilities, and expanding testing to diverse network scenarios.

Item Type: Article
Uncontrolled Keywords: Beacon frames
Subjects: T Technology > TL Motor vehicles. Aeronautics. Astronautics > TL1-484 Motor vehicles. Cycles
Divisions: Faculty of Information Science and Technology (FIST)
Depositing User: Ms Rosnani Abd Wahab
Date Deposited: 06 Mar 2025 02:19
Last Modified: 06 Mar 2025 02:19
URI: http://shdl.mmu.edu.my/id/eprint/13594