Phishing on Open WLANs: Threat and Preventive Measure

Khanna, Isha

10 January 2010

Phishing is an internet security issue whose shape is still changing and size is still increasing. This thesis shows the possibility of a phishing attack on open, private Wireless LANs. Private WLANs which use a login page to authenticate users in hotels, airports and academic campuses are all vulnerable to this attack. Virginia Tech's WLAN is used as an example to show that the attack is possible. The attack combines two very well known attacks: one is to deceptively guide a user into logging into a fake website, which shows similar log-in page to the page of the website the user intends to go to, and the second attack is to show users a valid certificate, which does not show a warning. The rogue server takes the user to a log-in page which is similar to Virginia Tech's log-in page and shows him a valid security certificate. We present a solution to the proposed problem. Software is implemented that runs on Windows Vista. The software warns the user if there are servers with more than one type of security certificates, claiming to be from the same network. We contrast our method to already existing methods, and show in what respects our solution is better. The biggest advantage of this method is that it involves no change on the server side. It is not necessary for the users to have any prior knowledge of the network, which is very helpful when the users access WLAN at airports and hotels. Also, when using this method, the user does not need to connect to any network, and is still able to get a warning. It however, requires the user to be able to differentiate between the real and fake networks after the user has been warned. / Master of Science

Phishing

Rogue AP

SSL

Certificate

Detection of Man-in-the-middle Attacks Using Physical Layer Wireless Security Techniques

Wang, Le

27 August 2013

"In a wireless network environment, all the users are able to access the wireless channel. Thus, if malicious users exploit this feature by mimicking the characteristics of a normal user or even the central wireless access point (AP), they can intercept almost all the information through the network. This scenario is referred as a Man-in-the-middle (MITM) attack. In the MITM attack, the attackers usually set up a rogue AP to spoof the clients. In this thesis, we focus on the detection of MITM attacks in Wi-Fi networks. The thesis introduces the entire process of performing and detecting the MITM attack in two separate sections. The first section starts from creating a rogue AP by imitating the characteristics of the legitimate AP. Then a multi-point jamming attack is conducted to kidnap the clients and force them to connect to the rogue AP. Furthermore, the sniffer software is used to intercept the private information passing through the rogue AP. The second section focuses on the detection of MITM attacks from two aspects: jamming attacks detection and rogue AP detection. In order to enable the network to perform defensive strategies more effectively, distinguishing different types of jamming attacks is necessary. We begin by using signal strength consistency mechanism in order to detect jamming attacks. Then, based on the statistical data of packets send ratio (PSR) and packets delivery ratio (PDR) in different jamming situations, a model is built to further differentiate the jamming attacks. At the same time, we gather the received signal strength indication (RSSI) values from three monitor nodes which process the random RSSI values employing a sliding window algorithm. According to the mean and standard deviation curve of RSSI, we can detect if a rogue AP is present within the vicinity. All these proposed approaches, either attack or detection, have been validated via computer simulations and experimental hardware implementations including Backtrack 5 Tools and MATLAB software suite. "

RSSI

Jamming attack

rogue AP

MITM

Wi-Fi