Rogue-base station detection in WiMax/802.16 wireless access networks

We address the problem of detecting a rogue base station (BS) in WiMax/802.16 wireless access networks. A rogue us is a malicious station that impersonates a legitimate access point (AP). The rogue BS attack represents a major denial-of-service threat against wireless networks. Our approach is based on the observation that inconsistencies in the signal strength reports received by the mobile stations (MSs) can be seen if a rogue us is present in a network. These reports can be assessed by the legitimate base stations, for instance, when a mobile station undertakes a handover towards another BS. Novel algorithms for detecting violations of received signal strength reports consistency are described in this paper. These algorithms can be used by an intrusion detection system localized on the legitimate BSS or on a global network management system operating the BSS.