In this thesis, we consider a novel denial of service attack targeted at popular smartphone operating systems. This type of attack, which we call a Denial of Convenience (DoC) attack, prevents non-technical savvy victims from utilizing data services by exploiting the connectivity management protocol of smartphones' operating systems when encountered with a Wi-Fi access point. By setting up a fake Wi-Fi access point without Internet access (using simple devices such as a laptop), an adversary can prompt a smartphone with enabled Wi-Fi features to automatically terminate a valid mobile broadband connection and connect to this fake Wi-Fi access point. This, as a result, prevents the targeted smartphone from having any type of Internet connection unless the victim is capable of diagnosing the problem and disabling the Wi-Fi features manually. For the majority of smartphone users that have little networking knowledge, this can be a challenging task. We demonstrate that most current smartphones, including iPhone and Android phones, are vulnerable to this DoC attack. To address this attack, we propose implementing a novel Internet-access validation protocol to validate a Wi-Fi access point by taking advantage of the cellular network channel. It first uses the cellular network to send a secret to an Internet validation server, and tries to retrieve this secret via the newly established Wi-Fi channel to validate the connection of the Wi-Fi channel.
If this is your Honors thesis, and want to learn how to access it or for more information about readership statistics, contact us at STARS@ucf.edu
Bachelor of Science in Computer Engineering (B.S.P.E.)
College of Engineering and Computer Science
Dissertations, Academic -- Engineering and Computer Science;Engineering and Computer Science -- Dissertations, Academic
Length of Campus-only Access
Honors in the Major Thesis
Dondyk, Erich, "Denial of convenience attack to smartphones using a fake wi-fi access point" (2012). HIM 1990-2015. 1260.