Yu Liang Hsu scite author profile

SummaryThis paper proposes a passive user‐side solution, called Wi‐Fi legal access point (AP) finder (LAF), to the notorious evil twin access point problem, which in turn can result in diverse security problems, such as fraud, identity theft, and man‐in‐the‐middle attacks. Due to the severe security threats created by evil twins, many promising solutions have been proposed. However, the majority of these solutions are designed for the administrators of wireless networks, not for Wi‐Fi users. Hence, they are either too expensive or need some data that are usually not accessible to normal users. LAF utilizes the TCP three‐way handshake‐related packets and packet forwarding property created by evil twins to find legal APs, called good twins, at public hotspots or unencrypted WLANs; thus, it does not need any data or assistance from wireless network administrators. LAF does not send exploring packets actively; hence, evil twins cannot sense its existence. No matter when and where a user needs to utilize an AP to connect to the Internet at a hotspot, he can just use LAF to find out a legal AP to connect to. Experimental results show that LAF can quickly and accurately find legal APs after observing only a few packets.

show abstract

VRS: a values‐based reputation system for web services

Hsu

Hwang

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

The reputation system is used to display the reputation of entities based on the ratings or appraisals given by users who have used or purchased those entities. Web service providers supply various reputation systems for their users. However, these promising reputation systems face some challenges. First, even though different persons have different preference and values (values are a person's beliefs about what things are good or bad), these systems still give the same rating to the same entity for all users. Second, they may be greatly influenced by Sybil attacks. In this paper, we propose a reputation system, called values‐based reputation system (VRS), to solve the aforementioned problems. VRS customizes the rating of an entity for each user based on the ratings of the entities provided by other users who have similar values or preference to the user. Experimental results on 256 users show that compared with existing reputation systems VRS is more robust to Sybil attacks and provides a recommendation rating that is closer to the rating given by the user after it used the related entity. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

ET Detector: A Client-Based Solution to Detect an Evil Twin Access Point

Hsneh

Hsu

Chen

et al. 2015

AMM

View full text Add to dashboard Cite

An evil twin is a kind of rogue Wi-Fi access point (AP) which has the same SSID name to the legitimate one and is set up by an adversary. The user who associates to the evil twin, adversary may eaves-drops sensitive data on wireless communications to the Internet. Most of existing detection solutions are administrator-based, which is used by wireless network administrator to verify whether a given AP is in an authorized list or not. Such administrator-based solutions are limited, hardly maintained, and difficult to protect users timely when the attack is launched. Hence, we propose a client-based detection by operating the wireless network interface controller (WNIC) in monitor mode and capturing the Internet packets. Through analyzing the captured packets, client users can easily and precisely detect the evil twin attack even in a complicated AP scenario as well as avoid any threat arisen from connecting to an AP. Our method does not need to know any authorized AP list, and does not rely on data training or machine learning technique of target wireless network. Finally, we implemented a detecting system on Windows 7, which is widely used nowadays.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yu Liang Hsu

A client-side detection mechanism for evil twins

A solution to detect the existence of a malicious rogue AP

A passive user‐side solution for evil twin access point detection at public hotspots

VRS: a values‐based reputation system for web services

ET Detector: A Client-Based Solution to Detect an Evil Twin Access Point

Contact Info

Product

Resources

About