All warfare is based on deception.
-- Sunzi, 6th cent. B.C
In the battle of security, it is essential to be able to discriminate intruders as they might disguise themselves as legitimate users. Failure to do so either makes intruder free to launch attacks without being afraid of disclosure or creates an awkward situation that legitimate users might be accidentally injured in the process of fighting against intruders.
However, exclusive discriminating intruders in Wireless Local Area Network (WLAN) is not as easy as its fixed counterpart. The difficulty is partially a consequence of one important characteristic of WLAN architecture - lack of information about the physical location of network nodes (either general clients or Access Points) in a wireless network.
Of course, it is one of the major advantages of the WLAN technology in that it allows mobility for network users by removing the need for physical attachment to the network; however, this results in an inability to exclusively identify a network node. Compared with a conventional fixed network, there is a critical missing component in WLAN network. When a client connects to a fixed network, such as one based on Ethernet standard, it must physically plug into an activated port. This fixed port provides reliable identification information about the client. Ethernet system administration holds full control of the activation or deactivation of fixed network ports. Hence all Ethernet traffic can be uniquely traced back to its originating port. On the other hand, a WLAN Access Point relies on, at a minimum, the MAC address of the network traffic to identify traffic associated with a particular WLAN network node - and hence by extension the identity of the node itself. However, MAC address of a WLAN interface card can be easily modified on almost all of main stream operating systems. As a result, intruders can forge their identity and send out WLAN frames on behalf of legitimate WLAN nodes.
In order to cope with this issue, we propose a novel approach of leveraging additional information derived from the wireless network infrastructure to provide some abstract node identification information. In particular, the relationship between distance and received signal strength of the wireless signal can give clues as to relative node location. When a WLAN network node emits network traffic, sensors at different location receive and are able to report different levels of signal strength. If sufficient signal strength readings for packets from a particular node are available, then the proportional relationship of these different signal strengths form a "finger print" pattern for the relative location of this WLAN network node. We constructed a dense wireless sensor network from existing WLAN interface cards within the network, most of which are able to be configured to function as sensors. If sufficient sensors are available, WLAN frames from physically separate nodes may be clearly differentiated, which in turns may enable masquerading nodes and access points to be identified.