Qian Lu, Haipeng Qu, Y. Zhuang, Xi Jun Lin, Yanyong Zhu, Yunzheng Liu
{"title":"A Passive Client-based Approach to Detect Evil Twin Attacks","authors":"Qian Lu, Haipeng Qu, Y. Zhuang, Xi Jun Lin, Yanyong Zhu, Yunzheng Liu","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.242","DOIUrl":null,"url":null,"abstract":"As the widespread deployment and usage of 802.11-based wireless local area networks (WLANs), Wi-Fi users are vulnerable to be attacked by a security threat called evil twins. The evil twin, a kind of rogue access points (RAPs), masquerades as a legitimate access point (AP) to lure users to connect it. Malicious adversaries can easily configure evil twins on a laptop to induce victim wireless users. The presence of such a threat continuously leads to significant loss of information. In this paper, we propose a passive client-side detection approach that allows users to independently identify and locate evil twins without any assistance from a wireless network administrator. Because of the forwarding behavior of evil twins, proposed method compares 802.11 data frames sent by target APs to users to determine evil twin attacks. We implemented our detection and location technique in a Python tool named ET-spotter. Through implementation and evaluation in our study, our algorithm achieves 96% accuracy in distinguishing evil twins from legitimate APs.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"150 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Trustcom/BigDataSE/ICESS","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.242","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 12
Abstract
As the widespread deployment and usage of 802.11-based wireless local area networks (WLANs), Wi-Fi users are vulnerable to be attacked by a security threat called evil twins. The evil twin, a kind of rogue access points (RAPs), masquerades as a legitimate access point (AP) to lure users to connect it. Malicious adversaries can easily configure evil twins on a laptop to induce victim wireless users. The presence of such a threat continuously leads to significant loss of information. In this paper, we propose a passive client-side detection approach that allows users to independently identify and locate evil twins without any assistance from a wireless network administrator. Because of the forwarding behavior of evil twins, proposed method compares 802.11 data frames sent by target APs to users to determine evil twin attacks. We implemented our detection and location technique in a Python tool named ET-spotter. Through implementation and evaluation in our study, our algorithm achieves 96% accuracy in distinguishing evil twins from legitimate APs.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
