Accepted author manuscript, 2.17 MB, PDF document
Research output: Contribution to conference - Without ISBN/ISSN › Conference paper
Research output: Contribution to conference - Without ISBN/ISSN › Conference paper
}
TY - CONF
T1 - DRET
T2 - Smart X 2016
AU - Tang, Zhanyong
AU - Zhao, Yujie
AU - Yang, Lei
AU - Qi, Shengde
AU - Fang, Dingyi
AU - Chen, Xiaojiang
AU - Gong, Xiaoqing
AU - Wang, Zheng
PY - 2016/7/29
Y1 - 2016/7/29
N2 - Evil-twin is one of most commonly attacks in the WIFI environments, with which an attacker can steal sensitive information by cloning a fake AP in Smart Homes. The current approaches of detecting Evil-twin AP uses some identities/fingerprints of legitimated APs to identify rouge APs. Prior work in the area uses information like SSIDs, MAC addresses, and network traffics to detect bogus APs. However, such information can be easily intimated by the attacker, leading to low detection rates. This paper introduces a novel Evil-Twin AP detection method based on received signal strength indicator (RSSI). Our approach exploits the fact that the AP location is relatively stable in Smart Homes, which is to great extent to meet the requirement of the detection factor not easy to imitate as previous refer. We employ two detection strategies: a single position detection and a multi-positioned detection methods. Our approach exploits the multipath effect of WIFI signals to translate the problem of attack detection into AP positioning detection. Compared to classical detection methods, our approach can perform detection without relying on professional devices. Experimental results show that the single position detection approach achieves 20 seconds’ reduction of delay time with an accuracy of 98%, whereas the multi-positioned detection approach achieves 90% correct.
AB - Evil-twin is one of most commonly attacks in the WIFI environments, with which an attacker can steal sensitive information by cloning a fake AP in Smart Homes. The current approaches of detecting Evil-twin AP uses some identities/fingerprints of legitimated APs to identify rouge APs. Prior work in the area uses information like SSIDs, MAC addresses, and network traffics to detect bogus APs. However, such information can be easily intimated by the attacker, leading to low detection rates. This paper introduces a novel Evil-Twin AP detection method based on received signal strength indicator (RSSI). Our approach exploits the fact that the AP location is relatively stable in Smart Homes, which is to great extent to meet the requirement of the detection factor not easy to imitate as previous refer. We employ two detection strategies: a single position detection and a multi-positioned detection methods. Our approach exploits the multipath effect of WIFI signals to translate the problem of attack detection into AP positioning detection. Compared to classical detection methods, our approach can perform detection without relying on professional devices. Experimental results show that the single position detection approach achieves 20 seconds’ reduction of delay time with an accuracy of 98%, whereas the multi-positioned detection approach achieves 90% correct.
KW - Smart Homes
KW - Evil-Twin Attack
KW - RSSI
KW - Detection
M3 - Conference paper
Y2 - 29 July 2016 through 31 July 2016
ER -