A passive user-side solution for evil twin access point detection at public hotspots

Fu Hau Hsu, Chuan Sheng Wang, Chih Wen Ou, Yu Liang Hsu

Research output: Contribution to journalArticlepeer-review

4 Scopus citations

Abstract

This paper proposes a passive user-side solution, called Wi-Fi legal access point (AP) finder (LAF), to the notorious evil twin access point problem, which in turn can result in diverse security problems, such as fraud, identity theft, and man-in-the-middle attacks. Due to the severe security threats created by evil twins, many promising solutions have been proposed. However, the majority of these solutions are designed for the administrators of wireless networks, not for Wi-Fi users. Hence, they are either too expensive or need some data that are usually not accessible to normal users. LAF utilizes the TCP three-way handshake-related packets and packet forwarding property created by evil twins to find legal APs, called good twins, at public hotspots or unencrypted WLANs; thus, it does not need any data or assistance from wireless network administrators. LAF does not send exploring packets actively; hence, evil twins cannot sense its existence. No matter when and where a user needs to utilize an AP to connect to the Internet at a hotspot, he can just use LAF to find out a legal AP to connect to. Experimental results show that LAF can quickly and accurately find legal APs after observing only a few packets.

Original languageEnglish
Article numbere4460
JournalInternational Journal of Communication Systems
Volume33
Issue number14
DOIs
StatePublished - 25 Sep 2020

Keywords

  • Wi-Fi
  • evil twin
  • rogue access point
  • wireless security

Fingerprint

Dive into the research topics of 'A passive user-side solution for evil twin access point detection at public hotspots'. Together they form a unique fingerprint.

Cite this