One problem I have is what is the definition of a rogue AP. In that article you speak of a hijacking AP as a rogue (software based). I can see that being called a rogue, but it is in an entirely different class than a rogue that is connected to the LAN.
Yes, a WIPS will detect me in the parking lot trying to hijack a users' connection, but no hacker in their right mind is trying to hijack PEAP. If they can we have bigger problems.
So, an attacker is going to look for a STA probing for an unsecured SSID. Fine, but why do it on site where there is a WIPS in place? The WIPS is useless when the victim is at the airport, hotel or coffee shop where a hijacking attack is most likely to take place.
If I (an intruder) was to place a rogue AP at a location it would not be detected by a WIPS. Why? 900MHz. 1.8GHz. Pick one. A WIPS cannot scan all frequencies (most only do 2.4GHz and 5GHz). So, a WIPS is great for policing your own employees, but if an attacker really wants in, you better hope that your WIRED network requires authentication. 802.1X baby.