🤖 AI Summary
This study addresses the limitations of existing approaches to physically locating unauthorized wireless devices—namely, slow response times and reliance on dense sensor deployments or prior radio-frequency knowledge—by proposing a zero-configuration, infrastructure-free autonomous localization method. The approach employs a single quadruped robot equipped with a standard 802.11 interface to collect spatially tagged RSSI measurements during autonomous patrols. Offline estimation of rogue device locations is achieved through a weighted centroid algorithm combined with multi-patrol data fusion. In real indoor environments, the system achieves a median localization error of 1.62 meters in a single patrol; after fusing multiple patrols, five out of six devices are localized within 1 meter, with blind-test targets achieving errors of 0.34 meters and 1.84 meters, respectively. This work represents the first demonstration of high-accuracy rogue device detection and localization using only a general-purpose robot.
📝 Abstract
Physically localizing unauthorized wireless devices remains a critical bottleneck in cyber-physical security operations, where rogue access points can provide entry points for lateral movement and persistent compromise. While such devices can often be detected through network-side mechanisms, determining their physical location typically requires dense sensing infrastructure, site-specific RF fingerprinting, or manual inspection, limiting timely incident response. We investigate whether a single commodity robot can autonomously detect and localize rogue wireless devices under zero-configuration constraints, without RF fingerprinting, pre-installed sensors, or site calibration. We present RogueRover, an end-to-end system in which a quadruped robot autonomously patrols, collects spatially labeled RSSI measurements via a standard 802.11 interface, and estimates device locations offline. We evaluate the system across 11 patrol runs in a real indoor environment, with 6 rogue devices deployed under heterogeneous propagation conditions. Across 62 AP-patrol sessions, RogueRover achieves a median single-patrol localization error of 1.62 m without prior RF knowledge. Under multi-run aggregation, five of six devices are localized within 1 m. A blind trial validates the full pipeline, correctly identifying rogue devices among 73 observed BSSIDs and localizing them with errors of 0.34 m and 1.84 m. Across environments, simple weighted-centroid estimators perform comparably to, or better than, parametric path-loss models, indicating that measurement coverage from autonomous patrols is the primary determinant of localization accuracy under zero-prior constraints. Our results demonstrate that infrastructure-free, autonomous localization is feasible in practice, enabling rapid physical incident response in cyber-physical environments without additional sensing infrastructure.