Mitigating Evil Twin Attacks in 802.11
- 1 December 2008
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.Keywords
This publication has 4 references indexed in Scilit:
- Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0)Published by RFC Editor ,2008
- Improved access point selectionPublished by Association for Computing Machinery (ACM) ,2006
- Attacking automatic wireless network selectionPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Extensible Authentication Protocol (EAP)Published by RFC Editor ,2004