Paper Info
Title
Client-Side Evil Twin Attacks Detection Using Statistical Characteristics Of 802.11 Data Frames
Abstract
With the development of wireless network technology and popularization of mobile devices, the Wireless Local Area Network (WLAN) has become an indispensable part of our daily life. Although the 802.11-based WLAN provides enormous convenience for users to access the Internet, it also gives rise to a number of security issues. One of the most severe threat encountered by Wi-Fi users is the evil twin attacks. The evil twin, a kind of rogue access points (RAPs), masquerades as a legitimate access point (AP) to lure users to connect it. Due to the characteristics of strong concealment, high confusion, great harmfulness and easy implementation, the evil twin has led to significant loss of sensitive information and become one of the most prominent security threats in recent years. In this paper, we propose a passive client-based detection solution that enables users to independently identify and locate evil twins without any assistance from a wireless network administrator. Because of the forwarding behavior of evil twins, proposed method compares 802.11 data frames sent by target APs to users to determine evil twin attacks. We implemented our detection technique in a Python tool named ET-spotter. Through implementation and evaluation in our study, our algorithm achieves 96% accuracy in distinguishing evil twins from legitimate APs.
Year
DOI
Venue
2018
10.1587/transinf.2018EDP7030
IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS
Keywords
Field
DocType
evil twins detection, rogue access point, man-in-the-middle attack, WLAN security
Computer vision,Client-side,Man-in-the-middle attack,Computer science,Computer security,Rogue access point,Artificial intelligence,Evil twin
Journal
Volume
Issue
ISSN
E101D
10
1745-1361
Citations 
PageRank 
References 
0
0.34
13
Authors
5
Name
Order
Citations
PageRank
Qian Lu101.69
Haipeng Qu2144.60
Yuan Zhuang365.84
Xi Jun Lin46010.69
Yuzhan Ouyang500.68