TY - GEN
T1 - Mitigating evil twin attacks in 802.11
AU - Bauer, Kevin
AU - Gonzales, Harold
AU - McCoy, Damon
PY - 2008
Y1 - 2008
N2 - Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.
AB - Due to the prevalence of insecure open 802.11 access points, it is currently easy for a malicious party to launch a variety of attacks such as eavesdropping and data injection. In this paper, we consider a particular threat called the evil twin attack, which occurs when an adversary clones an open access point and exploits common automatic access point selection techniques to trick a wireless client into associating with the malicious access point. We propose two lines of defense against this attack. First, we present an evil twin detection strategy called context-leashing based upon recording the nearby access points when first associating with an access point. Using this contextual information, the client determines if an adversary has setup an evil twin access point at a different location. Next, we propose an SSH-style authentication method called EAP-SWAT to perform one-way access point authentication that fits into the extensible authentication protocol (EAP) framework.
UR - http://www.scopus.com/inward/record.url?scp=62849089985&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=62849089985&partnerID=8YFLogxK
U2 - 10.1109/PCCC.2008.4745081
DO - 10.1109/PCCC.2008.4745081
M3 - Conference contribution
AN - SCOPUS:62849089985
SN - 9781424433674
T3 - Conference Proceedings of the IEEE International Performance, Computing, and Communications Conference
SP - 513
EP - 516
BT - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
T2 - 2008 IEEE International Performance Computing and Communications Conference, IPCCC 2008
Y2 - 7 December 2008 through 9 December 2008
ER -