不期望的亲属:IEEE 802.11中针对邪恶孪生攻击的保护机制

Fabian Lanze, A. Panchenko, Ignacio Ponce-Alcaide, T. Engel
{"title":"不期望的亲属:IEEE 802.11中针对邪恶孪生攻击的保护机制","authors":"Fabian Lanze, A. Panchenko, Ignacio Ponce-Alcaide, T. Engel","doi":"10.1145/2642687.2642691","DOIUrl":null,"url":null,"abstract":"Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their traffic is referred to in the literature as the \\emph{evil twin attack}. It allows an attacker with little effort and expenditure to fake a genuine AP and intercept, collect, or alter (potentially even encrypted) data. Due to its severity, the topic has gained remarkable research interest in the past decade. In this paper, we introduce a differentiated attacker model to express the attack in all its facets. We propose a taxonomy for classifying and structuring countermeasures and apply it to existing approaches. We are the first to conduct a comprehensive survey in this domain to reveal the potential and the limits of state-of-the-art solutions. Our study discloses an important attack scenario which has not been addressed so far, i.e., the usage of specialized software to mount the attack. We propose and experimentally validate a novel method to detect evil twin APs operated by software within a few seconds.","PeriodicalId":369459,"journal":{"name":"Q2S and Security for Wireless and Mobile Networks","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"35","resultStr":"{\"title\":\"Undesired relatives: protection mechanisms against the evil twin attack in IEEE 802.11\",\"authors\":\"Fabian Lanze, A. Panchenko, Ignacio Ponce-Alcaide, T. Engel\",\"doi\":\"10.1145/2642687.2642691\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their traffic is referred to in the literature as the \\\\emph{evil twin attack}. It allows an attacker with little effort and expenditure to fake a genuine AP and intercept, collect, or alter (potentially even encrypted) data. Due to its severity, the topic has gained remarkable research interest in the past decade. In this paper, we introduce a differentiated attacker model to express the attack in all its facets. We propose a taxonomy for classifying and structuring countermeasures and apply it to existing approaches. We are the first to conduct a comprehensive survey in this domain to reveal the potential and the limits of state-of-the-art solutions. Our study discloses an important attack scenario which has not been addressed so far, i.e., the usage of specialized software to mount the attack. We propose and experimentally validate a novel method to detect evil twin APs operated by software within a few seconds.\",\"PeriodicalId\":369459,\"journal\":{\"name\":\"Q2S and Security for Wireless and Mobile Networks\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-09-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"35\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Q2S and Security for Wireless and Mobile Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2642687.2642691\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Q2S and Security for Wireless and Mobile Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2642687.2642691","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 35

摘要

常用的IEEE 802.11接入点(ap)标识符,如网络名称(SSID)、MAC (BSSID)或IP地址,都可能被简单地欺骗。用假ap冒充现有ap来吸引流量在文献中被称为\emph{邪恶的孪生攻击}。它允许攻击者只需花费很少的精力和费用就可以伪造一个真正的AP并拦截、收集或更改(甚至可能加密)数据。由于其严重性,该主题在过去十年中获得了显著的研究兴趣。在本文中,我们引入了一个区分攻击者模型来表达攻击的各个方面。我们提出了一种分类和构建对策的分类法,并将其应用于现有的方法。我们是第一家在这一领域进行全面调查的公司,以揭示最先进解决方案的潜力和局限性。我们的研究揭示了一个迄今为止尚未解决的重要攻击场景,即使用专门的软件进行攻击。我们提出并实验验证了一种新的方法,可以在几秒钟内通过软件检测出邪恶的孪生ap。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Undesired relatives: protection mechanisms against the evil twin attack in IEEE 802.11
Commonly used identifiers for IEEE 802.11 access points (APs), such as network name (SSID), MAC (BSSID), or IP address can be trivially spoofed. Impersonating existing APs with faked ones to attract their traffic is referred to in the literature as the \emph{evil twin attack}. It allows an attacker with little effort and expenditure to fake a genuine AP and intercept, collect, or alter (potentially even encrypted) data. Due to its severity, the topic has gained remarkable research interest in the past decade. In this paper, we introduce a differentiated attacker model to express the attack in all its facets. We propose a taxonomy for classifying and structuring countermeasures and apply it to existing approaches. We are the first to conduct a comprehensive survey in this domain to reveal the potential and the limits of state-of-the-art solutions. Our study discloses an important attack scenario which has not been addressed so far, i.e., the usage of specialized software to mount the attack. We propose and experimentally validate a novel method to detect evil twin APs operated by software within a few seconds.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信