In order to evaluate our scheme, we decided to implement the system in real environment instead of simulations. For most simulations, the conditions mostly are simplified too much so that the localization result is too ideal. Therefore, the whole system is field implemented in the National Chiao Tung University instead of using simulations. In the following paragraphs, the environments of our field experiments will be introduced including software and hardware as follows.
4-1. Field Experiment in NCTU
Our environmental platform is the NCTU EC building 6F and MISRC 6F; all the related dimension of the EC building is going to be listed as Table1 and the floor plan shown as the figure 25.
Length 60.4 m
Width 37.6 m
height of each floor 4.00 m
Wall material Cement
Number of rooms of 6F 25 rooms
Table1. The information about the EC building
Figure.25 Floor Plan of EC 6F 4-2. Hardware & Software
Hardware
The hardware consists of access points that are used to monitor and sniff all the packets under the wireless area network of our environment. The system are composed of two main parts, the first part is the monitor access points. The monitor access point means some special access points that support monitor mode. The purpose of monitor access points is to receive all the traffic under its wireless network interface, and these monitor access points can also change the channels to listen. By the way, once the access point change to the monitor mode, it cannot to let wireless devices to connect and can only listen the traffic under the monitoring channel. The wireless interface of the monitor access point don’t need to connect to the listening access point or ad-hoc network, and it just listen to the traffic of monitored devices.
Not all the wireless interface card support monitor mode, it dominates by the manufacture of wireless interface card.
The manufactory of our monitor access point is D-Link 1353[14]. The access point can cooperate with IEEE 802.11b [15-17], IEEE 802.11g[15-17], IEEE
802.11n[15-17], IEEE 802.3, and IEEE 802.3u and the maximum transmission rate could reach 300Mbps. The most improvement of D-link DAP 1353 is wireless coverage range is much better that it could effectively decrease the wireless signal dead space. As for security specification, it support 64/128 bit WEP [18-20], WPA [18-20], WPA2 [18-20] standards. It is also adequate for 802.11b, 802.11g, and even the latest standard 802.11n to use. The specification also list in the table 1 below.
AP manufactory and Type
D-link DAP-1353
Standards IEEE 802.11n (draft), IEEE 802.11g, IEEE 802.11b, IEEE 802.3, IEEE 802.3u
Frequency range 2412 to 2462MHz (North America) 2412 to 2472MHz (General Europe)
Table1. The specification of Monitor Access Point
Software
The monitor software in access point that can collect packet under WLAN is Airodump-ng [21-23]. It cannot work in managed mode, so you need to change the mode into monitor mode. Airodump-ng could be used to capture the 802.11 format frame and will display a list of detected wireless devices, like access points and connecting stations. The Airodump-ng can know the information including Basic Service Set ID (BSSID), Power Range (PWR), Used Channel, Cipher text mode and it’s Extended Service Set ID (ESSID). This paper mainly depends on the PWR to locate the wireless devices. PWR in Airodump-ng means the signal level reported by the wireless network card. Its significance relies on the driver, but as the signal gets higher you get closer to the access point or the moving station. If the PWR equals -1 may have three cases. The first case for AP is that the driver on the AP doesn’t support signal level reporting, and the second case for station is that if the PWR is -1 then this is for a packet which came from the AP to the client but the client transmissions are out of range for your card. It means that you are hearing only 1/2 of the communication. And the last case is that if all clients have PWR as -1 then the driver doesn't support signal level reporting. The figure.25 below is a snapshot of Airodump-ng report result in the NCTU EC6F building.
Figure.25. Snapshot of airodump-ng in NCTU EC Building 6F
4-3. Factors that Affects Experiments
1. Error of translating the real distance to the scale of the map
The error from calculating between distance real and logical distance is also a problem. Measure wireless devices are placed in the place which three WiSec Agent can detect. Owing to the error of translating the real distance to the scale of the map, showed distance in the map will have some inaccuracy.
2. Interference between Normal Access Points & Monitor Access Points
The Monitor Access Points and normal access points may use the same channel so that they will affect power rate of microwave one another.
3. Difference of Wi-Fi chip
5. Power Rate of the Access Point is Unstable
After our observations, we found that the signal strength of access point in the same place is unstable. The maximum error range is +-20, and the closer to the Monitor AP the lower the range of the error.
6. Interference of Barriers
When wireless signal passed through some barriers made of special materials, the signal of access point will decrease rapidly. For example, elevators, concrete walls, windows and so on.
7. Other Special Case
In some cases, the signal strength of the access points will increase instead of decrease owing to the nearby electric wire.