A client-side detection mechanism for evil twins

Fu Hau Hsu, Chuan Sheng Wang, Yu Liang Hsu, Yung Pin Cheng, Yu Hsiang Hsneh

研究成果: 雜誌貢獻期刊論文同行評審

11 引文 斯高帕斯(Scopus)


In this paper, we propose a client-based solution to detect “evil twin” attacks in wireless local area networks (WLANs). An evil twin is a kind of rogue Wi-Fi access point (AP) which has the same SSID name as a legitimate one and is set up by an attacker. After a victim associates his device with an evil twin, an attacker can eavesdrop sensitive data forwarded through the evil twin. Most existing detection solutions are administrator-based, which are used by wireless network administrators to verify whether a given AP is in an authorized list or not. Such administrator-based solutions are limited, hardly maintained, and difficult to protect users 24–7. Hence, we propose a client-based detection mechanism, called evil twin detector, to detect this type of attacks. An evil twin detector changes its wireless network interface card (WNIC) to monitor mode to capture wireless TCP/IP packets. Through analyzing captured packets, our detector allows client users to easily and precisely detect an evil twin, thus avoids threats created by evil twins. Our method does not need to know any authorized AP list, and does not rely on data training or machine learning technique. Finally, we implement a detecting system on Windows 7.

頁(從 - 到)76-85
期刊Computers and Electrical Engineering
出版狀態已出版 - 4月 2017


深入研究「A client-side detection mechanism for evil twins」主題。共同形成了獨特的指紋。