Practical defenses for evil twin attacks in 802.11

Harold Gonzales*, Kevin Bauer, Janne Lindqvist, Damon McCoy, Douglas Sicker

*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference article in proceedingsScientificvertaisarvioitu

36 Sitaatiot (Scopus)


Open-access 802.11 wireless networks are commonly deployed in cafes, bookstores, and other public spaces to provide free Internet connectivity. These networks are convenient to deploy, requiring no out-of-band key exchange or prior trust relationships. However, such networks are vulnerable to a variety of threats including the evil twin attack where an adversary clones a client's previously-used access point for a variety of malicious purposes including malware injection or identity theft. We propose defenses that aim to maintain the simplicity, convenience, and usability of open-access networks while offering increased protection from evil twin attacks. First, we present an evil twin detection strategy called context-leashing that constrains access point trust by location. Second, we propose that wireless networks be identified by uncertified public keys and design an SSH-style authentication and session key establishment protocol that fits into the 802.1X standard. Lastly, to mitigate the pitfalls of SSH-style authentication, we present a crowd-sourcing-based reporting protocol that provides historical information for access point public keys while preserving the location privacy of users who contribute reports.

Otsikko2010 IEEE Global Telecommunications Conference, GLOBECOM 2010
DOI - pysyväislinkit
TilaJulkaistu - 1 jouluk. 2010
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaIEEE Global Communications Conference - Miami, Yhdysvallat
Kesto: 6 jouluk. 201010 jouluk. 2010
Konferenssinumero: 53


ConferenceIEEE Global Communications Conference


Sukella tutkimusaiheisiin 'Practical defenses for evil twin attacks in 802.11'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä