A network entity such as a transmitting station in a traditional wireless network such as a wireless local area wireless (WLAN) that conforms to the IEEE 802.11 standard, or a personal area network (PAN) such as one that conforms to the Bluetooth standard is typically identified by a network identifier included in data sent by the entity. For example, a network conforming to the IEEE 802.11 standard uses the media access control (MAC) address of the transmitting station (the sender) to serve as the unique identifier of the sender. Software may readily be written and available that can alter the source MAC address of a transmitting station, called spoofing. Such spoofing can cause many problems in the network. For example, location tracking within a wireless network such as a WLAN is becoming commonplace. Furthermore, radio location tags are now available that use WLAN technology to transmit information about assets to which they are attached. Spoofing can present a problem for wireless-network-based location tracking system since the location of a critical and/or valuable resource can thus be intentionally misrepresented. For example, a laptop or personal digital assistant (PDA) could be configured to transmit wireless packets using a duplicated source MAC address of a location tag connected to an asset of high value. The location tag on that asset could then be disabled, enabling theft or tampering of the high value asset.
Research has shown that the characteristics of a transmitting wireless station vary across equipment. Research has shown, for example, that the waveform from a transmitting station, in particular, the turn-on transient information in such a waveform is usable to characterize a transmitting station, and a “RF fingerprint” determined from such information may be used to characterize, even uniquely characterize a transmitting station. RF fingerprinting to determine such an RF fingerprint has been applied to both military and cellular telephone applications.
There is still room in the art for techniques applicable to detecting spoofing in a wireless network.