Passive Online Detection of 802.11 Traffic Using Sequential Hypothesis Testing with TCP ACK-Pairs. Wei, W., Suh, K., Wang, B., Gu, Y., Kurose, J., Towsley, D., & Jaiswal, S. IEEE Transactions on Mobile Computing, 8(3):398-412, 3, 2009.
In this paper, we propose two online algorithms to detect 802.11 traffic from packet-header data collected passively at a monitoring point. These algorithms have a number of applications in real-time wireless LAN management, for instance, in detecting unauthorized access points and detecting/predicting performance degradations. Both algorithms use sequential hypothesis tests and exploit fundamental properties of the 802.11 CSMA/CA MAC protocol and the half-duplex nature of wireless channels. They differ in that one requires training sets, while the other does not. We have built a system for online wireless traffic detection using these algorithms and deployed it at a university gateway router. Extensive experiments have demonstrated the effectiveness of our approach: the algorithm that requires training provides rapid detection and is extremely accurate (the detection is mostly within 10 seconds, with very low false-positive and false-negative ratios), the algorithm that does not require training detects 60 percent to 76 percent of the wireless hosts without any false positives, and both algorithms are lightweight, with computation and storage overhead well within the capability of commodity equipment.
@article{wei:detection,
 title = {Passive Online Detection of 802.11 Traffic Using Sequential Hypothesis Testing with TCP ACK-Pairs},
 type = {article},
 year = {2009},
 keywords = {summarized,wireless},
 pages = {398-412},
 volume = {8},
 websites = {http://dx.doi.org/10.1109/tmc.2008.126},
 month = {3},
 id = {267d78b2-5cfa-3c57-932f-eb45c9625bcd},
 created = {2018-07-12T21:31:24.450Z},
 file_attached = {false},
 profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
 group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
 last_modified = {2018-07-12T21:31:24.450Z},
 read = {false},
 starred = {false},
 authored = {false},
 confirmed = {true},
 hidden = {false},
 citation_key = {wei:detection},
 source_type = {article},
 notes = {A method for detecting, at a border router, which traffic corresponds to a Wi-Fi client -- regardless of whether there are intermediate routers, or things like NAT, involved. They mention rogue-detection and performance-diagnosis as possible applications. They implemented and deployed the system on the border router at UMass.},
 private_publication = {false},
 abstract = {In this paper, we propose two online algorithms to detect 802.11 traffic from packet-header data collected passively at a monitoring point. These algorithms have a number of applications in real-time wireless LAN management, for instance, in detecting unauthorized access points and detecting/predicting performance degradations. Both algorithms use sequential hypothesis tests and exploit fundamental properties of the 802.11 CSMA/CA MAC protocol and the half-duplex nature of wireless channels. They differ in that one requires training sets, while the other does not. We have built a system for online wireless traffic detection using these algorithms and deployed it at a university gateway router. Extensive experiments have demonstrated the effectiveness of our approach: the algorithm that requires training provides rapid detection and is extremely accurate (the detection is mostly within 10 seconds, with very low false-positive and false-negative ratios), the algorithm that does not require training detects 60 percent to 76 percent of the wireless hosts without any false positives, and both algorithms are lightweight, with computation and storage overhead well within the capability of commodity equipment.},
 bibtype = {article},
 author = {Wei, Wei and Suh, Kyoungwon and Wang, Bing and Gu, Yu and Kurose, James and Towsley, Don and Jaiswal, Sharad},
 journal = {IEEE Transactions on Mobile Computing},
 number = {3}
}
