For Libraries For Publication Open Access Downloads About Us Contact Us
Paper Titles
Development of Cloud-Dust Based Intelligent Maximum Power Analysis System for Photovoltaic
p.881
Energy-Efficient 2-Covered Path Routing for Distributed Wireless Sensor Networks with Variable Transmission Ranges
p.886
Enhancements of SVM Speaker Recognition by Dynamic Time Wrapping
p.891
Enhancing the Effect on Project Success through Information Presentation
p.895
ET Detector: A Client-Based Solution to Detect an Evil Twin Access Point
p.900
Evaluation of Traffic Data Collection Method
p.905
FCA-Based Data Analysis for Discovering Association Rules in Social Network Service
p.910
Home Security Service Enhanced with Information Stations
p.915
Impact of Informal Network on Opinion Dynamics in Command and Control Network
p.919

ET Detector: A Client-Based Solution to Detect an Evil Twin Access Point

Article Preview

Abstract:

An evil twin is a kind of rogue Wi-Fi access point (AP) which has the same SSID name to the legitimate one and is set up by an adversary. The user who associates to the evil twin, adversary may eaves-drops sensitive data on wireless communications to the Internet. Most of existing detection solutions are administrator-based, which is used by wireless network administrator to verify whether a given AP is in an authorized list or not. Such administrator-based solutions are limited, hardly maintained, and difficult to protect users timely when the attack is launched. Hence, we propose a client-based detection by operating the wireless network interface controller (WNIC) in monitor mode and capturing the Internet packets. Through analyzing the captured packets, client users can easily and precisely detect the evil twin attack even in a complicated AP scenario as well as avoid any threat arisen from connecting to an AP. Our method does not need to know any authorized AP list, and does not rely on data training or machine learning technique of target wireless network. Finally, we implemented a detecting system on Windows 7, which is widely used nowadays.

You might also be interested in these eBooks
Modern Design Technologies and Experiment for Advanced Manufacture and Industry View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 764-765)

Pages:

900-904

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.764-765.900

Citation:

Cite this paper

Online since:

May 2015

Authors:

Yu Hsiang Hsneh, Fu Hau Hsu, Shih Jen Chen, Yao Hsin Chen, Yan Ling Hwang, Chuan Sheng Wang, Yu Liang Hsu*

Keywords:

Evil Twin, Rogue Ap, Wireless

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2015 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

* - Corresponding Author

References

[1] Bahl, P., Chandra, R., Padhye, J., Ravindranath, L., Singh, M., Wolman, A., & Zill, B.: 2006. Enhancing the security of corporate wi-fi networks using dair. In Proceedings of the 4th international conference on Mobile systems, applications and services, ser. MobiSys '06. New York, NY, USA: ACM, 2006, pp.1-14.

DOI: 10.1145/1134680.1134682

Google Scholar

[2] Bellardo, J., & Savage, S.: 2003. 802. 11 denial-of-service attacks: Real vulnerabilities and practical solutions. In USENIX Security Symposium, Auguest (2003).

Google Scholar

[3] Cisco. 2007. Rogue detection under unified wireless networks.

Google Scholar

[4] Nikbakhsh, S., Manaf, A., Zamani, M., & Janbeglou, M.: 2012. A novel approach for rogue access point detection on the client-side. In Advanced Information Networking and Applications Workshops (WAINA), 2012 26th International Conference on, March 2012, pp.684-687.

DOI: 10.1109/waina.2012.108

Google Scholar

[5] Song, Y., Yang, C., & Gu, G.: 2010. Who is peeping at your passwords at starbucks? –to catch an evil twin access point. In Dependable Systems and Networks (DSN), 2010 IEEE/IFIP International Conference on, 28 2010-July 1 2010, pp.323-332.

DOI: 10.1109/dsn.2010.5544302

Google Scholar

[6] Wei, W., Wang, B., Zhang, C., Kurose, J., & Towsley, D.: 2008. Classification of access network types: Ethernet, wireless lan, adsl, cable modem or dialup?. Comput. Netw., vol. 52, no. 17, pp.3205-3217, Dec. (2008).

DOI: 10.1016/j.comnet.2008.08.018

Google Scholar

[7] Wikipedia. 2012. Received signal strength indication.

Google Scholar

[8] Yin, H., Chen, G., & Wang, J.: 2007. Detecting protected layer-3 rogue aps. In Broadband Communications, Networks and Systems, 2007. BROADNETS 2007. Fourth International Conference on, Sept. 2007, pp.449-458.

DOI: 10.1109/broadnets.2007.4550468

Google Scholar

© 2025 Trans Tech Publications Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies. For open access content, terms of the Creative Commons licensing CC-BY are applied.
Scientific.Net is a registered trademark of Trans Tech Publications Ltd.