A solution to detect the existence of a malicious rogue AP

Fu Hau Hsu, Yu Liang Hsu, Chuan Sheng Wang

研究成果: 雜誌貢獻期刊論文同行評審

7 引文 斯高帕斯(Scopus)


A malicious rogue AP works like an evil twin; however, instead of using a good twin to connect to the Internet, a malicious rogue AP uses a 3G/4G mobile network to connect to the Internet. While administrators have sufficient information to distinguish rogue APs, it is difficult for client users to know whether they are using a wireless network with malicious an AP. To solve evil twin problems at client-side, many solutions make their detection based on some time metrics or evil twin features. However, time metrics may be influenced by pre-fetching, network topology, traffic volume, or network types. And the evil twin features such as packet forwarding cannot distinguish malicious rogue APs because they behave just like a legitimate AP. To solve above problem, this paper proposes an active user-side solution, called Wi-Fi Malicious Rogue AP Finder (RAF). RAF can be installed in any computer or laptop without any special requirement. RAF detect the existence of a malicious rogue AP based on different reverse traceroute information collected by a remote server. To the best of our knowledge, RAF is the first one client-side solution which could detect malicious rogue APs based on path information but not time metrics.

頁(從 - 到)62-68
期刊Computer Communications
出版狀態已出版 - 15 6月 2019


深入研究「A solution to detect the existence of a malicious rogue AP」主題。共同形成了獨特的指紋。