摘要
A malicious rogue AP works like an evil twin; however, instead of using a good twin to connect to the Internet, a malicious rogue AP uses a 3G/4G mobile network to connect to the Internet. While administrators have sufficient information to distinguish rogue APs, it is difficult for client users to know whether they are using a wireless network with malicious an AP. To solve evil twin problems at client-side, many solutions make their detection based on some time metrics or evil twin features. However, time metrics may be influenced by pre-fetching, network topology, traffic volume, or network types. And the evil twin features such as packet forwarding cannot distinguish malicious rogue APs because they behave just like a legitimate AP. To solve above problem, this paper proposes an active user-side solution, called Wi-Fi Malicious Rogue AP Finder (RAF). RAF can be installed in any computer or laptop without any special requirement. RAF detect the existence of a malicious rogue AP based on different reverse traceroute information collected by a remote server. To the best of our knowledge, RAF is the first one client-side solution which could detect malicious rogue APs based on path information but not time metrics.
原文 | ???core.languages.en_GB??? |
---|---|
頁(從 - 到) | 62-68 |
頁數 | 7 |
期刊 | Computer Communications |
卷 | 142-143 |
DOIs | |
出版狀態 | 已出版 - 15 6月 2019 |