Practical defenses for evil twin attacks in 802.11

GLOBECOM - IEEE Global Telecommunications Conference

Volumn , Issue , 2010, Pages

  Gonzales, Harold ^a   Bauer, Kevin ^a   Lindqvist, Janne ^b   McCoy, Damon ^c   Sicker, Douglas ^a  

^a UNIVERSITY OF COLORADO   (United States)

^b CARNEGIE MELLON UNIVERSITY   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

IEEE STANDARDS; INTERNET PROTOCOLS; MALWARE; WIRELESS NETWORKS;

802.11 WIRELESS NETWORKS; ACCESS POINTS; INTERNET CONNECTIVITY; KEY-EXCHANGE; MALWARES; OPENACCESS; OUT OF BAND; PUBLIC KEYS; PUBLIC SPACE; TRUST RELATIONSHIP;

AUTHENTICATION;

EID: 79551626084     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/GLOCOM.2010.5684213     Document Type: Conference Paper

References (26)

1. A. J. Nicholson, Y. Chawathe, M. Y. Chen, B. D. Noble, and D. Wetherall, "Improved access point selection," in MobiSys, 2006.
2. J. Bellardo and S. Savage, "802.11 denial-of-service attacks: Real vulnerabilities and practical solutions," in USENIX Security, 2003.
3. T. Abdollah, "Ensnared on the wireless web," http://articles.latimes.com/2007/mar/16/local/me-wifihack16, 2007.
4. A. Lamarca, Y. Chawathe, S. Consolvo, J. Hightower, I. Smith, J. Scott, T. Sohn, J. Howard, J. Hughes, F. Potter, J. Tabert, P. Powledge, G. Borriello, and B. Schilit, "Place Lab: Device positioning using radio beacons in the wild," in Pervasive, 2005.
5. J. Pang, B. Greenstein, D. McCoy, M. Kaminsky, and S. Seshan, "Wifi-reports: Improving wireless network selection with collaboration," in MobiSys, 2009.
6. C. van Rijsbergen, Information Retrieval. 2nd ed. Butterworths, 1979.
7. N. O. Tippenhauer, K. B. Rasmussen, C. Pöpper, and S. ¡ Čapkun, "Attacks on public wlan-based positioning systems," in Mobisys, 2009.
8. "Airsnarf a rogue ap setup utility," http://airsnarf.shmoo.com/ .
9. "Kismet," http://www.kismetwireless.net.
10. J. Pang, "CRAWDAD data set cmu/hotspot (v. 2009-04-15)," Downloaded from http://crawdad.cs.dartmouth.edu/cmu/hotspot.
11. "WiGLE: Wireless geographic logging engine," http://www.wigle.net.
12. P. Funk and S. Blake-Wilson, "RFC 5281: Extensible Authentication Protocol Tunneled Transport Layer Security," August 2008.
13. "802.1X Standard," IEEE, July 2004.
14. K. Bauer, H. Gonzales, and D. McCoy, "Mitigating evil twin attacks in 802.11," in WIDA, 2008.
15. M. Bellare, C. Namprempre, D. Pointcheval, and M. Semanko, "The one-more-rsa-inversion problems and the security of chaum's blind signature scheme," Journal of Cryptology, vol. 16, no. 3, pp. 185-215, 2003.
16. R. Dingledine, N. Mathewson, and P. Syverson, "Tor: The second-generation onion router," in USENIX Security, 2004.
17. J. R. Douceur, "The sybil attack," in IPTPS, 2002.
18. T. Aura, M. Roe, and S. J. Murdoch, "Securing network location awareness with authenticated dhcp," in Securecomm, 2007.
19. T. Ylonen and C. Lonvick, "RFC 4252: The Secure Shell (SSH) Authentication Protocol," January 2006.
20. "RFC3261 SIP," http://www.faqs.org/rfcs/rfc3261.html.
21. "Host identity protocol architecture," http://www.ietf.org/rfc/ rfc4423.txt.
22. L. Poole and V. S. Pai, "ConfiDNS: Leveraging scale and history to detect compromise," in USENIX 2008 Annual Technical Conference.
23. D. Wendlandt, D. Andersen, and A. Perrig, "Perspectives: Improving ssh-style host authentication with multi-path network probing," in USENIX Annual Technical Conference, June 2008.
24. V. Roth, W. Polak, E. Rieffel, and T. Turner, "Simple and effective defense against evil twin access points," in WiSec, 2008.
25. Z. Yang, A. C. Champion, B. Gu, X. Bai, and D. Xuan, "Link-layer protection in 802.11i WLANS with dummy authentication," in WiSec, 2009.
26. D. B. Faria and D. R. Cheriton, "Detecting identity-based attacks in wireless networks using signalprints," in Wise, 2006.