Practical defenses for evil twin attacks in 802.11

Harold Gonzales*, Kevin Bauer, Janne Lindqvist, Damon McCoy, Douglas Sicker

*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference contributionScientificvertaisarvioitu

26 Sitaatiot (Scopus)

Abstrakti

Open-access 802.11 wireless networks are commonly deployed in cafes, bookstores, and other public spaces to provide free Internet connectivity. These networks are convenient to deploy, requiring no out-of-band key exchange or prior trust relationships. However, such networks are vulnerable to a variety of threats including the evil twin attack where an adversary clones a client's previously-used access point for a variety of malicious purposes including malware injection or identity theft. We propose defenses that aim to maintain the simplicity, convenience, and usability of open-access networks while offering increased protection from evil twin attacks. First, we present an evil twin detection strategy called context-leashing that constrains access point trust by location. Second, we propose that wireless networks be identified by uncertified public keys and design an SSH-style authentication and session key establishment protocol that fits into the 802.1X standard. Lastly, to mitigate the pitfalls of SSH-style authentication, we present a crowd-sourcing-based reporting protocol that provides historical information for access point public keys while preserving the location privacy of users who contribute reports.

AlkuperäiskieliEnglanti
Otsikko2010 IEEE Global Telecommunications Conference, GLOBECOM 2010
DOI - pysyväislinkit
TilaJulkaistu - 1 joulukuuta 2010
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaIEEE Global Communications Conference - Miami, Yhdysvallat
Kesto: 6 joulukuuta 201010 joulukuuta 2010
Konferenssinumero: 53

Conference

ConferenceIEEE Global Communications Conference
LyhennettäGLOBECOM
Maa/AlueYhdysvallat
KaupunkiMiami
Ajanjakso06/12/201010/12/2010

Sormenjälki

Sukella tutkimusaiheisiin 'Practical defenses for evil twin attacks in 802.11'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä