Mitigating evil twin attacks in 802.11

Kevin Bauer, Harold Gonzales, Damon McCoy

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.

    Original languageEnglish (US)
    Title of host publication2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
    Pages513-516
    Number of pages4
    DOIs
    StatePublished - Dec 1 2008
    Event2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 - Austin, TX, United States
    Duration: Dec 7 2008Dec 9 2008

    Publication series

    NameConference Proceedings of the IEEE International Performance, Computing, and Communications Conference

    Other

    Other2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
    CountryUnited States
    CityAustin, TX
    Period12/7/0812/9/08

      Fingerprint

    ASJC Scopus subject areas

    • Engineering(all)

    Cite this

    Bauer, K., Gonzales, H., & McCoy, D. (2008). Mitigating evil twin attacks in 802.11. In 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008 (pp. 513-516). [4745081] (Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference). https://doi.org/10.1109/PCCC.2008.4745081