Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks
Proceedings of the 10th annual international conference on Mobile computing and networking
Enhancing the security of corporate Wi-Fi networks using DAIR
Proceedings of the 4th international conference on Mobile systems, applications and services
802.11 denial-of-service attacks: real vulnerabilities and practical solutions
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
ACM Transactions on Information and System Security (TISSEC)
Rogue access point detection using segmental TCP jitter
Proceedings of the 17th international conference on World Wide Web
Detecting 802.11 wireless hosts from remote passive observations
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
Hi-index | 0.00 |
Public hotspots have undeniable benefits for both users and providers. Users get ubiquitous internet access and providers attract new potential clients. However, the security mechanisms currently available (e.g. WEP, WPA) fail to prevent a myriad of attacks. A particularly damaging attack to public WiFi networks is the evil twin attack, where an attacker masquerades as a legitimate provider to mount wireless interposition attacks. This paper proposes WiFiHop, a client-sided tool that leverages the intrinsic multi-hop characteristics of the evil twin attack, to detect it. The proposed tool is technology independent (e.g. network bandwidth or latency), and detects the attacks in real time (i.e. before any user traffic is transmitted). It works with both open and encrypted networks. This tool was tested in a real-life scenario, and its effectiveness demonstrated.