Abstract
Wireless networks are vulnerable to sybil attacks, in which a sybil node forges multiple identifications to trick the system and conduct harmful attacks. The traditional approach to address sybil attacks is to employ cryptographic-related methods. However, conventional security approaches may not always desirable due to their infrastructural overhead. In this paper, we propose to utilize K-means cluster analysis for detecting sybil attacks based on the spatial correlation between the signal strength and physical locations. Our approach requires minimal overhead to wireless devices. We have evaluated our methods through experimentation using both an 802.11 (WiFi) network as well as an 802.15.4 (ZigBee) network in two office buildings. Our results show that the proposed sybil attack detector is highly effective with over 95% detection rates and under 5% false positive rates.