User-Side Wi-Fi Evil Twin Attack Detection Using Ssl/Tcp Protocols

Keywords

Evil Twin Attack; SSL; TCP; Wi-Fi security

Abstract

Evil Twin Attack (ETA) refers to a rogue Wi-Fi Access Point (AP) that appears to be a legitimate one but actually has been set up to eavesdrop on wireless communications [1]. Most of existing detection techniques assume that the attacker will use the same legitimate wireless network gateway to pass through victim's wireless data. These detection methods will fail if the attacker uses a different gateway, such as using his own broadband cellular connection through his own smartphone. In this paper, we present a new client-side detection method to detect such an ETA that uses a different gateway from the legitimate one. It relies on SSL/TCP connection to an arbitrary remote web server to avoid attacker's misleading message, and trying to detect the changing of gateway's public IP address by switching from one AP to another in the middle of the SSL/TCP connection. The detection method is on the client side which makes it more convenient for users to deploy and ensure their security.

Publication Date

7-14-2015

Publication Title

2015 12th Annual IEEE Consumer Communications and Networking Conference, CCNC 2015

Number of Pages

239-244

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/CCNC.2015.7157983

Socpus ID

84943163733 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84943163733

This document is currently not available here.

Share

COinS