Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks

Hendershot, Travis S.

01 November 2016

Wireless clients are vulnerable to exploitation by evil twins due to flaws in the authentication process of 802.11 Wi-Fi networks. Current certificate-based wireless authentication protocols present a potential solution, but are limited in their ability to provide a secure and usable platform for certificate validation. Our work seeks to mitigate these limitations by exploring a client-side strategy for utilizing alternative trust models in wireless network authentication. We compile a taxonomy of various trust models for conducting certificate-based authentication of wireless networks and methodically evaluate each model according to desirable properties of security, usability, and deployability. We then build a platform for leveraging alternative certificate-based trust models in wireless networks, present a proof-of-concept using one of the most promising alternative validation models identified--a whitelisting and pinning hybrid--and examine its effectiveness at defending against evil twin attacks in 802.11 networks.

Wireless networks

authentication

public key cryptography

evil twin

Computer Sciences

Development of a Client-Side Evil Twin Attack Detection System for Public Wi-Fi Hotspots based on Design Science Approach

Horne, Liliana R.

01 January 2018

Users and providers benefit considerably from public Wi-Fi hotspots. Users receive wireless Internet access and providers draw new prospective customers. While users are able to enjoy the ease of Wi-Fi Internet hotspot networks in public more conveniently, they are more susceptible to a particular type of fraud and identify theft, referred to as evil twin attack (ETA). Through setting up an ETA, an attacker can intercept sensitive data such as passwords or credit card information by snooping into the communication links. Since the objective of free open (unencrypted) public Wi-Fi hotspots is to provide ease of accessibility and to entice customers, no security mechanisms are in place. The public’s lack of awareness of the security threat posed by free open public Wi-Fi hotspots makes this problem even more heinous. Client-side systems to help wireless users detect and protect themselves from evil twin attacks in public Wi-Fi hotspots are in great need. In this dissertation report, the author explored the problem of the need for client-side detection systems that will allow wireless users to help protect their data from evil twin attacks while using free open public Wi-Fi. The client-side evil twin attack detection system constructed as part of this dissertation linked the gap between the need for wireless security in free open public Wi-Fi hotspots and limitations in existing client-side evil twin attack detection solutions. Based on design science research (DSR) literature, Hevner’s seven guidelines of DSR, Peffer’s design science research methodology (DSRM), Gregor’s IS design theory, and Hossen & Wenyuan’s (2014) study evaluation methodology, the author developed design principles, procedures and specifications to guide the construction, implementation, and evaluation of a prototype client-side evil twin attack detection artifact. The client-side evil twin attack detection system was evaluated in a hotel public Wi-Fi environment. The goal of this research was to develop a more effective, efficient, and practical client-side detection system for wireless users to independently detect and protect themselves from mobile evil twin attacks while using free open public Wi-Fi hotspots. The experimental results showed that client-side evil twin attack detection system can effectively detect and protect users from mobile evil twin AP attacks in public Wi-Fi hotspots in various real-world scenarios despite time delay caused by many factors.

design science research

evil twin attack

public Wi-Fi hotspots

wireless security

Computer Sciences