Mitigating evil twin attacks in 802.11

Kevin Bauer, Harold Gonzales, Damon McCoy

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.

    Original languageEnglish (US)
    Title of host publication2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
    Pages513-516
    Number of pages4
    DOIs
    StatePublished - 2008
    Event2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 - Austin, TX, United States
    Duration: Dec 7 2008Dec 9 2008

    Other

    Other2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
    CountryUnited States
    CityAustin, TX
    Period12/7/0812/9/08

    Fingerprint

    Authentication

    ASJC Scopus subject areas

    • Engineering(all)

    Cite this

    Bauer, K., Gonzales, H., & McCoy, D. (2008). Mitigating evil twin attacks in 802.11. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 (pp. 513-516). [4745081] https://doi.org/10.1109/PCCC.2008.4745081

    Mitigating evil twin attacks in 802.11. / Bauer, Kevin; Gonzales, Harold; McCoy, Damon.

    2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. p. 513-516 4745081.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Bauer, K, Gonzales, H & McCoy, D 2008, Mitigating evil twin attacks in 802.11. in 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008., 4745081, pp. 513-516, 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008, Austin, TX, United States, 12/7/08. https://doi.org/10.1109/PCCC.2008.4745081
    Bauer K, Gonzales H, McCoy D. Mitigating evil twin attacks in 802.11. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. p. 513-516. 4745081 https://doi.org/10.1109/PCCC.2008.4745081
    Bauer, Kevin ; Gonzales, Harold ; McCoy, Damon. / Mitigating evil twin attacks in 802.11. 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008. 2008. pp. 513-516
    @inproceedings{6d960051799542939acafe73762d699c,
    title = "Mitigating evil twin attacks in 802.11",
    abstract = "Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.",
    author = "Kevin Bauer and Harold Gonzales and Damon McCoy",
    year = "2008",
    doi = "10.1109/PCCC.2008.4745081",
    language = "English (US)",
    isbn = "9781424433674",
    pages = "513--516",
    booktitle = "2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008",

    }

    TY - GEN

    T1 - Mitigating evil twin attacks in 802.11

    AU - Bauer, Kevin

    AU - Gonzales, Harold

    AU - McCoy, Damon

    PY - 2008

    Y1 - 2008

    N2 - Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.

    AB - Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.

    UR - http://www.scopus.com/inward/record.url?scp=62849089985&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=62849089985&partnerID=8YFLogxK

    U2 - 10.1109/PCCC.2008.4745081

    DO - 10.1109/PCCC.2008.4745081

    M3 - Conference contribution

    SN - 9781424433674

    SP - 513

    EP - 516

    BT - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008

    ER -