Practical defenses for evil twin attacks in 802.11

Harold Gonzales, Kevin Bauer, Janne Lindqvist, Damon McCoy, Douglas Sicker

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Open-access 802.11 wireless networks are commonly deployed in cafes, bookstores, and other public spaces to provide free Internet connectivity. These networks are convenient to deploy, requiring no out-of-band key exchange or prior trust relationships. However, such networks are vulnerable to a variety of threats including the evil twin attack where an adversary clones a client's previously-used access point for a variety of malicious purposes including malware injection or identity theft. We propose defenses that aim to maintain the simplicity, convenience, and usability of open-access networks while offering increased protection from evil twin attacks. First, we present an evil twin detection strategy called context-leashing that constrains access point trust by location. Second, we propose that wireless networks be identified by uncertified public keys and design an SSH-style authentication and session key establishment protocol that fits into the 802.1X standard. Lastly, to mitigate the pitfalls of SSH-style authentication, we present a crowd-sourcing-based reporting protocol that provides historical information for access point public keys while preserving the location privacy of users who contribute reports.

    Original languageEnglish (US)
    Title of host publication2010 IEEE Global Telecommunications Conference, GLOBECOM 2010
    PublisherInstitute of Electrical and Electronics Engineers Inc.
    ISBN (Print)9781424456383
    DOIs
    StatePublished - 2010
    Event53rd IEEE Global Communications Conference, GLOBECOM 2010 - Miami, FL, United States
    Duration: Dec 6 2010Dec 10 2010

    Publication series

    NameGLOBECOM - IEEE Global Telecommunications Conference

    Other

    Other53rd IEEE Global Communications Conference, GLOBECOM 2010
    Country/TerritoryUnited States
    CityMiami, FL
    Period12/6/1012/10/10

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering

    Fingerprint

    Dive into the research topics of 'Practical defenses for evil twin attacks in 802.11'. Together they form a unique fingerprint.

    Cite this