Wireless LAN Communication and Detection: A Project Review
To figure out how to use the provided Wireless LAN card to retrieve signal information of surrounding wireless stations, the basic Wireless LAN operations need to be understood. Since the Wireless LAN technology is a topic too broad to be fully covered in few pages, only knowledge regarding station detection and communication are discussed in this paper. This paper critically reviews some projects in this area.
(IJCSIS) International Journal of Computer Science and Information Security, Vol. 6, No. 2, 2009 Wireless LAN Communication and Detection: A Project Review Debabala Swain, CIT M.Singh, KIST P.K.Nayak,KIST S.P.Panigrahi, KEC S.M.Rout, KIST S.Swain, KIST Bhubaneswar, Orissa, India, firstname.lastname@example.org Abstract—To figure out how to use the provided Wireless LAN process, the 802.11 security implementation Wired Equivalent card to retrieve signal information of surrounding wireless Privacy (WEP) allows the Wireless LAN networks to accept stations, the basic Wireless LAN operations need to be or reject any association request from the mobile stations. understood. Since the Wireless LAN technology is a topic too Once the association process is completed, the station is said broad to be fully covered in few pages, only knowledge regarding station detection and communication are discussed in this paper. to have joined the network. Then, the station is free to transmit This paper critically reviews some projects in this area. data within the network. To support scanning, the IEEE 802.11 standard has specified Keywords- WLAN, Location, Roaming that any 802.11 compliant devices require transmitting a beacon frame periodically to declare its existence. The beacon I. INTRODUCTION frame can be captured and informed by all other stations. The beacon frame also carries the information about the belonging It is important to realize that the Wireless LAN (IEEE station’s capabilities, such as supported data transfer rates. 802.11) is a standard that defines a common, shared operation scheme for all the 802.11 compliant devices. However, the B. Station Communication 802.11 devices may be developed using different physical The IEEE 802.11 has defined two communication modes designs that function with different signal modulation schemes to allow data transmissions between the stations: independent and the devices using different designs may not be able to mode (ad-hoc) and infrastructure mode. In the independent communicate. The IEEE 802.11 Architecture is shown to mode, the wireless stations communicate directly with each better explain the differences. other within their coverage area. In the infrastructure mode, IEEE 802.11 specifications define the Medium Access the stations communicate via wireless access points (AP). Control (MAC) and Physical (PHY) Layer components for Every packet transmission from a mobile station reaches wireless type of transmission in IEEE 802 architecture. The its desired destination by sending it through the APs. All the MAC layer is the common operation method that is used by all sub standard (e.g. IEEE 802.11b) stations intercommunicate the 802.11 or 802.11x (e.g. 802.11b) devices. In the PHY layer, using either ad-hoc or infrastructure modes. designs are differentiated and devices using different PHY There are many types of communication defined in the layers may not be able to talk to each other. The IEEE 802.11 802.11 standard and each type may use different frame has specified two underlying transmission techniques for radio, Frequency Hopping Spread Spectrum (FHSS) and Direct formats. Some types require stations associating to a network Sequence Spread Spectrum (DSSS). Both or either techniques beforehand but some do not. In the project, a communication need to be supported by the 802.11 devices so basic type, called active probing is used to retrieve signal communications can be understood. Since the FHSS and DSSS information. are not interoperable with each other, a device that uses FHSS C. Wireless LAN Positioning will not be able to interpret any information sent by a DSSS device. In current markets, the DSSS has become the favored It has found that the most current solutions are based on the implementation. The 802.11b and 802.11g added additional utilization of signal strength . The signal strength values modulation schemes to enhance the data transfer rates for from the reference stations (access points) are measured by the actual data transmissions but the basic communications are still positioning device. And based on the use of signal information done using DSSS . (signal quality, signal strength, SNR and so on), there have been two possible implementations – the empirical model and II. USEFUL TERMS propagation model. The explanations of the two models with corresponding related works are covered below. A. Station Detection III. USEFUL MODELS The communication process in any Wireless LAN network can be summarized into three steps – scanning, authentication and A. Empirical Model association. A station first scans for existence of any wireless This empirical model is based on storing pre-recorded network within the range. If there is one or more detected, the measurements in a database. A so-called “radio map” is station then can choose which network to join, through the constructed before location positioning can begin. The radio authentication and association processes. In the authentication map is the site map that contains markings of a series of 337 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 6, No. 2, 2009 selected points. The locations (coordinates) of these points are thought out so it interprets receiving radio wave signals to known and at each point the signal information, such as signal return the correct path loss values. The software needs to be strength value from the APs are collected and store into a specifically written to understand the communication at the database. When a device with unknown position requests it’s hardware layer so it obtains correct signal values for distance positioning, the signal information from all the APs are calculations. As a result, system designs using the propagation collected and sent to the database for comparison. An model are always much more complicated. empirical model program created then compares and finds the In addition to the complication of the model, many existing closest match in the entries of the known locations in the systems have shown that the accuracy of positioning will database against the entry of a known point. The location of decrease as the distance between the positioning device and this matched known entry in the database is said to be the the affiliated access point increases. It is mainly because that position of the query point (the device). Sometimes, more than closest matches are wanted and the final location is the radio signal will more likely be affected by more factors determined by averaging the coordinates of these closest (e.g. change of humidity) as it travels in longer distances in the known locations. air and the resulted path loss values of the signal when the device receives will not be the same as predicted from the As it can be immediately seen, there are two disadvantages radio propagation and path loss theories. to the systems built using the empirical model. These systems To eliminate the aforementioned problems and increase the will always require a considerable amount of manual efforts positioning accuracy, the system can be designed to give the on radio map and database constructions, when they are to be primary access point (which has the least path loss value) a used in a new environment. Another disadvantage the system higher weight in the triangulation algorithm. In addition, a can lose some accuracy when the current environment more complicated of the radio theories can be applied. condition is different the condition when the radio map was constructed. The radio wave properties in an indoor The idea of developing positioning tools with uses of the environment vary greatly depending on number of objects 802.11 standard equipments is not entirely new. There have (e.g. people). been various Wireless LAN positioning research and design However, solutions are available to counter the projects based on the empirical and propagation models. disadvantages. The map construction process can always be While the research projects concentrated on finding design automated via some software written specifically to collect the ideas that would be derived from relevant theories, the design data and write to the database. The using of such software can projects have actually gone into designing, manufacturing and greatly speed up the construction processes. Several radio supported by test results. maps of the various conditions, such as number of people in Here, any of projects that provided useful information towards the environment, can be created and selected to use depending our design are discussed here. on to the environment condition at the time of positioning. IV. SOME PROJECTS B. Propagation Model On the other hand, the prorogation model tends to be more A. RADAR Project  flexible. The model is based on the fact that as a radio wave The RADAR is an in-building radio frequency (RF) based travels through an environment it loses signal and the amount user location and tracking system. The project was one of the of signal strength that the radio wave is dependent on the very first research efforts into the Wireless LAN positioning environment. The loss of the signal strength can then be technology and many later projects were started heavily modeled by using known radio propagation and path loss replying on the methodologies it has represented. As the theories. Using these theories, the distance from a wireless RADAR’s official document describes – “the system device to an access point can then be calculated given the combines the empirical model measurements with the signal received signal strength loss value. By having the distances to propagation modeling to determine user location and thereby three or more access points, triangulation method can be enable location-aware services and applications”, which in fact applied to determine the location of the device. The means that the two models were made into separate designs propagation model is the ideal model to be used in the and tested and compared together. The project was conducted and sponsored by Microsoft Wireless LAN positioning or any other indoor positioning Research to investigate the achievable degree of accuracy systems. Because the location is computed depending solely when performs positioning using RF-based equipments. The on the relative distances to surrounding access points, the Wireless LAN devices were used throughout the project systems will be able to work in all environments as long as the testing. Instead of using Wireless LAN access points, base positions of the access points in the area map are first known. stations were all Pentium-based PCs running Free BSD 3.0 Although the propagation model is the best solution to be equipped with wireless adapters. The mobile host waited-to- used, there have been various difficulties in the actual be-tracked was a Pentium-based laptop computer running implementations. In order to achieve accurate results, the Microsoft Windows 95. signal path loss values that the positioning system received In the empirical model design, RADAR used the signal from the access points have to be precise. In many cases, it information including signal strength and signal-to-noise ratio means the systems have to be a complete design covering (SNR). The selected known points on the map radio and stored hardware and software. The hardware needs to be carefully in the database did not only contain location coordinates (x and y) but also directions (north, south, west and east). To 338 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 6, No. 2, 2009 determine the unknown point’s location, “k-nearest neighbor most probable position of the user. The server was used to search” algorithm (later explained) was used to compute k have the calculations being performed somewhere else than on number of the known locations closest to the unknown point the client, in order to save processing power on for example by matching the database entries. The k value from 1 to 10 handheld devices or slower computers. The map setup tool was experimented. created the maps that would be used on location display In the propagation model, RADAR used Wall Attenuation machines (e.g. handheld). The map setup tool assigned Factor (WAF) to calculate the distances using the path loss. coordinates and had the ability to place user specified objects The WAF equation was described as following: such as stairs and toilets on the maps. Unfortunately, the project’s design was not fully completed at the end. It was unclear if any graphical interface for displaying the positions has been created (either on server or clients). However, the project did produce some testing results n indicates the rate at which the path loss increases with and in particular, the propagation model implementation has distance, P(d 0 ) is the signal power at some reference shown positioning errors between 7.3 and 2.8 metres. distance d 0 and d is the transmitter-receiver separation C. Amulet Project  distance. C is the maximum number of obstructions (walls) up The Amulet ((Approximate Mobile User Location to which the attenuatiactor makes a difference, nW is the Tracking System) project is practical design, making uses of number of obstructions (walls) between the transmitter and similar empirical model proposal also from the RADAR receiver, and WAF is the wall attenuation factor. In general, project. Amulet is a kind of modular software. This software n , the path loss exponent and WAF depend on the building was developed solely by Mr. Blake M. Harris in the University layout and construction material and are derived empirically. Of Rochester, USA and the application operates on recent Based on the measurements in its testing environment, a WAF versions of Linux desktop operating systems. of 3.1dBm and C of 4 was chosen for the WAF equation. A The Project is a practical presentation of Wireless LAN positioning technology using the empirical model. The Amulet value of n as 1.523 and d 0 of 58.48dBm were selected by system breaks the design into three modules with finding that the values for all three access point are similar, intercommunicating with each other – Access Point Statistics despite their different physical locations and surroundings. Recorder (APSR), Nearest Neighbor Association Module In the final results published, RADAR has shown an (NNAM) and Map GUI. The APSR module is a shell script estimation error of 2.94 metres when using the empirical model that continuously logs signal information from all the and 4.3 metres when using the propagation model. requested access points. The module collected signal information from the access points by using Linux Wireless B. Advanced Wavelan Position Project  Tools iwspy interface and allowed maximum 8 entries at each The Advanced Wavelan Position Project  was a student operation (Linux Wireless Tools is discussed in later team project in Lulea University of Technology and intended chapters). The NNAM implements the k-nearest neighbor to re-experiment both empirical and propagation models algorithm, same as what was used in the RADAR project. The proposed in the RADAR project. In the implantation using the NNAM reads in the most current access point information empirical model, signal strength was the only parameter taken from the APSR, obtains the coordinates of the k nearest during the radio map construction and used later in the neighbour in signal strength space and output those positioning. In the propagation model, a simpler radio coordinates to the application that needs access to them. The propagation method was used: Map GUI module is simply an application to visualize the points included in the radio map and the location of the positioning device. The Map GUI was written in Java Swing of the Java Foundation Class (JFC) . P (d ) is the signal strength value measured at distance, “Signal quality” was the signal information collected d , P(d 0 ) is the value measured at some reference distance during the radio map and database constructions. Using the signal quality values instead of signal strength has shown d 0 . d is unknown distance to be calculated. results in no much difference to the positioning accuracies. The system design consisted of a client, a database, a server A 3 to 5 metres resolution was achieved and was slightly and a map setup tool. The client was the positioning device that less accurate than the RADAR system due to its less was responsible for collecting the signal strengths it currently detailed empirical measurements. The RADAR system used can hear, sending them to the server for processing and finally more advanced methods used in averaging signal values, as presenting the calculated location on the selected map. The well as gathered user orientation data when collecting radio database was used to store all pre-measured values if the map points. empirical model was chosen. If the propagation model was used, the database will be omitted. The server provided functionalities to receive the current signal strengths from the client and calculate and return the 339 http://sites.google.com/site/ijcsis/ ISSN 1947-5500 (IJCSIS) International Journal of Computer Science and Information Security, Vol. 6, No. 2, 2009 TABLE I. IMPIRICAL & PROPAGATION MODEL COMPARISION calculating the device coordinates and stores the calibration data. Being a commercialized product, it has claimed to achieve Characteristics Empirical Model Propagation Model up to 1 metre average in the positioning accuracy. The client and server modes enable the ability to locate positions of Design multiple devices and display all the points on any of the device. Low High Complexity Positioning Good Fair F. Other Projects Accuracy Reusability Low High There were two other projects related the Wireless LAN positioning technology. Having not been researched in depth Set-up Cost High Low during the project development, they are only listed here for readers who are interested in further studying of the topic. • CoSCo Group – University of Helsinki  The group later founded and developed the aforementioned Ekahau Positioning Engine. • SpotOn Project – University of Washington  The SpotOn is an application combining both hardware and software designs and it focuses on finding distance between two radio transceivers (Ad-hoc location). G. Comparisions Figure 1. IEEE 802.11 Architecture Having looked through various projects involved in the Wireless LAN positioning development, the advantages and D. Halibut Project  disadvantages of the empirical and propagation models can be Halibut is a research project uses the propagation model summarized as in the table 1. exclusively for the positioning and considers various parameters affecting the radio wave propagation, including V. CONCLUSION standard free space loss, signal attenuation, diffraction, multi- The designs using propagation model have shown to be path fading and a random variable to model log-normal more cost effective than the empirical model in the sense that it shadowing. An equation similar to the WAF theory used in the does not require detail measurements to generate a signal RADAR project: strength map. To design a positioning system balanced between the cost and performance, both models should be used. PI (d ) is the path loss measured at distance d, PI (d 0 ) is the REFERENCES path loss measured at some reference distance, d 0 , n is a  Matthew Gast, “802.11 Wireless Networks: The Definitive Guide”, April 2002. constant describing the path loss in the environment and X a is  Nicola Lenihan, University of Limberick, “WLAN POSITIONING”, http://www.ul.ie/nlenihan/WLAN%20positioning.pdf the zero mean Gaussian random variable describing the effects  Bahl, P. et al. Microsoft Corp. “RADAR: An In-Building RF-based User of log normal shadowing. There is no published information Location and Tracking System”, found regarding to any experiment or testing results. http://research.microsoft.com/~padmanab/papers/infocom2000.pdf  Student Project at Lulea University of Technology, “Advanced E. Ekahau Engine  WaveLan Positioning”, May 2001, Ekahau Positioning Engine is a commercially available http://web.media.mit.edu/~alisa/2001-05-23.pdf, Wireless LAN positioning tool. The engine makes uses of both  Blake M. Harris, “Amulet: Approximate Mobile User Location Tracking empirical and propagation models and has been developed to System”, http://darkfate.com/bmh/other/pubs/Amulet.pdf work on many platforms including desktop PCs, laptops and  Sun Microsystems, Inc. , “Java Foundation Classes: Cross-Platform hand-held. It is fully software based and compatible with the GUIs & Graphics “, http://java.sun.com/products/jfc/index.html newest Windows operating systems.  Stanford University, “Halibut: An Infrastructure for Wireless LAN- based Location Tracking”, http://fern2.stanford.edu/cs444n/ The Ekahau Positioning Engine comprises of three modules – Ekahau Client, Ekahau Manager and Positioning Engine. The  Ekahau, Inc., “Ekahau Technology and Products”, http://www.vtt.fi/virtual/navi/expo2003/Ekahau030402.pdf Ekahau Client is to be installed on every client device (the  University of Helsinki, “CoSCo - Complex Systems Computation device to track) and is responsible for retrieve the signal Group”, http://cosco.hiit.fi/ strength (RSSI) and other information from the supported  University of Washington, SpotON: Ad-hoc Location Sensing Wireless LAN cards. The Ekahau Manager is the application http://portolano.cs.washington.edu/projects/spoton. for site calibration using its proprietary Site Calibration technology, as well as logical areas, live tracking and accuracy analysis. The Positioning Engine is a server application for 340 http://sites.google.com/site/ijcsis/ ISSN 1947-5500