2022
DOI: 10.3390/app12168088
|View full text |Cite
|
Sign up to set email alerts
|

WPFD: Active User-Side Detection of Evil Twins

Abstract: The bothersome evil twin problem has an active user-side remedy in the form of the Wireless Packet Forwarding Detector (WPFD). The evil twin issue can lead to further security problems, including man-in-the-middle (MITM) attacks. Open public Wi-Fi connections have provided potential answers to this issue, although they often need more data that people either cannot get or are too pricey for regular users. The solution that we created does not require these standards. It allows users’ notebooks to be used to ch… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
5

Relationship

0
5

Authors

Journals

citations
Cited by 6 publications
(1 citation statement)
references
References 33 publications
0
1
0
Order By: Relevance
“…Simpler mechanisms for mitigating this type of vulnerability, but which are still vulnerable to misconfiguration, include network segmentation and the use of authentication methods to restrict connections to rogue access points without proper digital certificates. Current methods for detecting evil twin attacks rely on various types of device information, such as MAC addresses or SSID names [34,35], signal strength indicators (RSSIs) [36,37] and network traffic analysis, including TCP/IP header inspection [38], monitoring changes in Simple Network Management Protocol (SNMP) MIBs like tcpActiveOpens, tcpPassiveOpens, and tcpAttemptFails, and the use of access control lists [39]. Murugesan K. et al [40] pointed out that evil twin access points can enable an attacker to conduct further attacks, such as man-in-the-middle, flooding the network with useless data, denial of service, and service disruption.…”
Section: Evil Twin Exploitation Techniquementioning
confidence: 99%
“…Simpler mechanisms for mitigating this type of vulnerability, but which are still vulnerable to misconfiguration, include network segmentation and the use of authentication methods to restrict connections to rogue access points without proper digital certificates. Current methods for detecting evil twin attacks rely on various types of device information, such as MAC addresses or SSID names [34,35], signal strength indicators (RSSIs) [36,37] and network traffic analysis, including TCP/IP header inspection [38], monitoring changes in Simple Network Management Protocol (SNMP) MIBs like tcpActiveOpens, tcpPassiveOpens, and tcpAttemptFails, and the use of access control lists [39]. Murugesan K. et al [40] pointed out that evil twin access points can enable an attacker to conduct further attacks, such as man-in-the-middle, flooding the network with useless data, denial of service, and service disruption.…”
Section: Evil Twin Exploitation Techniquementioning
confidence: 99%