SecureAngle

Abstract

Wireless local area networks play an important role in our everyday lives, at the workplace and at home. However, wireless networks are also relatively vulnerable: physically located off-premises, attackers can circumvent wireless security protocols such as WEP, WPA, and even to some extent WPA2, presenting a security risk to the entire network. To address this problem, we propose SecureAngle , a system designed to operate alongside existing wireless security protocols, adding defense in depth. SecureAngle employs multiantenna APs to profile the directions at which a client's signal arrives, using this angle-of-arrival information to construct unique signatures that identify each client. With these signatures, we are currently investigating how a SecureAngle enabled AP can enable a "virtual fence" that drops frames injected into the network from a client physically located outside a building, and how a SecureAngle-enabled AP can prevent malicious parties from spoofing the link-layer address of legitimate clients.