Paper Info
Title
A Passive Client-based Approach to Detect Evil Twin Attacks
Abstract
As the widespread deployment and usage of 802.11-based wireless local area networks (WLANs), Wi-Fi users are vulnerable to be attacked by a security threat called evil twins. The evil twin, a kind of rogue access points (RAPs), masquerades as a legitimate access point (AP) to lure users to connect it. Malicious adversaries can easily configure evil twins on a laptop to induce victim wireless users. The presence of such a threat continuously leads to significant loss of information. In this paper, we propose a passive client-side detection approach that allows users to independently identify and locate evil twins without any assistance from a wireless network administrator. Because of the forwarding behavior of evil twins, proposed method compares 802.11 data frames sent by target APs to users to determine evil twin attacks. We implemented our detection and location technique in a Python tool named ET-spotter. Through implementation and evaluation in our study, our algorithm achieves 96% accuracy in distinguishing evil twins from legitimate APs.
Year
DOI
Venue
2017
10.1109/Trustcom/BigDataSE/ICESS.2017.242
2017 IEEE Trustcom/BigDataSE/ICESS
Keywords
Field
DocType
passive client-based approach,evil twin attack detection,802.11-based wireless local area networks,WLANs,Wi-Fi,security threat,rogue access points,RAPs,malicious adversaries,wireless network administrator,802.11 data frames,Python,ET-spotter
Wireless network,Wireless,Laptop,Computer security,Computer science,Computer network,Rogue access point,Local area network,Wi-Fi array,Wireless sensor network,Evil twin
Conference
ISSN
ISBN
Citations 
2324-9013
978-1-5090-4907-3
0
PageRank 
References 
Authors
0.34
18
6
Name
Order
Citations
PageRank
Qian Lu101.69
Haipeng Qu265.14
Yuan Zhuang365.84
Xi Jun Lin46010.69
Yanyong Zhu500.34
Yunzheng Liu621.05