• Home

  • Technology

  • WiFiHop - mitigating the Evil twin attack through multi-hop detection
26
WiFiHop - Mitigating the Evil Twin Attack through Multi-hop Detection D. Mónica, C. Ribeiro INESC-ID / IST

WiFiHop - mitigating the Evil twin attack through multi-hop detection

Tags:

Embed Size (px)

DESCRIPTION

ESORICS 2011 - WiFiHop - mitigating the Evil twin attack through multi-hop detection

Citation preview

Page 1: WiFiHop - mitigating the Evil twin attack through multi-hop detection

WiFiHop - Mitigating the Evil Twin

Attack through Multi-hop

Detection

D. Mónica, C. RibeiroINESC-ID / IST

Page 2: WiFiHop - mitigating the Evil twin attack through multi-hop detection

The Evil Twin Attack

Page 3: WiFiHop - mitigating the Evil twin attack through multi-hop detection

The Evil Twin Attack

A malicious AP is configured to mimic a legitimate AP, enabling attackers to eavesdrop all wireless communications done by the victims.

Page 4: WiFiHop - mitigating the Evil twin attack through multi-hop detection

The Evil Twin Attack

A malicious AP is configured to mimic a legitimate AP, enabling attackers to eavesdrop all wireless communications done by the victims.

Page 5: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Existing Techniques

Detection by the network

Manual administrator detection (Netstumbler)

AirDefense

RIPPS

AirDefense

Yin et al. 2007

Page 6: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Existing Techniques

Client-side detection

ETSniffer

Page 7: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Existing Techniques

Client-side detection

ETSniffer

WifiHop

Page 8: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Objectives

Provide a convinient and usable technique to detect Evil Twin Attacks

Ensuring:

User-sided operation

Operation not detectable by the attacker

Capable of operation in encrypted networks

Non-disruptive operation

Page 9: WiFiHop - mitigating the Evil twin attack through multi-hop detection

WiFiHop

Page 10: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Approach

Detect a multi-hop setting between the user’s computer and the connection to the internet.

Assumes that the rogue AP will relay traffic to the internet using the original, legitimate AP

Page 11: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Solution Overview

Page 12: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Solution Overview

Page 13: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Solution Overview

Page 14: WiFiHop - mitigating the Evil twin attack through multi-hop detection

WiFiHop

Page 15: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Open WiFiHop

Page 16: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

Encrypted link between Malicious and Legitimate AP

We cannot access payloads of the exchanged packets

Encrypted

Page 17: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

We modify our scheme not to require payloads

Instead, we measure on the detection of packet lengths

WEP/WPA have deterministic, predictable packet lenghts

We create an watermark using a sequence of packets with pre-determined lengths

Page 18: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

Analysis of the probability of random generation of the watermark

We looked at the SIGCOMM trace

Total of 4 day sequence of packets

Got the least observed packet length given different analysis periods

Measured the correlations between successive lengths

Measured the amount of extraneous packets inserted amongst the watermark sequence packets

Page 19: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

Page 20: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

Page 21: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

Page 22: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Covert WiFiHop

k-state finite state machine

Progresses whenever a packet with the proper length is detected

Ignores extraenous packets (machine state never regresses)

Due to packet loss, both the client and the server repeat the requests several times

Page 23: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Testing network

Profile

DL Rate(Mbps)

ULRate (Mbps)

Low 2 1

Medium

8 5

High 16 12

Page 24: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Summary

Page 25: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Final Remarks

Page 26: WiFiHop - mitigating the Evil twin attack through multi-hop detection

Thank You

[email protected]


Mitigating Psychosis

Mitigating Psychosis

Documents
Mitigating resisting

Mitigating resisting

Business
Cooperation in Evil Embryo Adoption?. Cooperation in Evil

Cooperation in Evil Embryo Adoption?. Cooperation in Evil

Documents
Kerala Hop On Hop Off Tours

Kerala Hop On Hop Off Tours

Travel
Hear No Evil, See No Evil, Speak No Evil

Hear No Evil, See No Evil, Speak No Evil

Documents
Real LOVE ovecomes evil with good! Rom.1-3. Overcome Evil with Good Do not be overcome by evil, But overcome evil with good. Do not be overcome by evil

Real LOVE ovecomes evil with good! Rom.1-3. Overcome Evil with Good Do not be overcome by evil, But overcome evil with good. Do not be overcome by evil

Documents
Mitigating BC

Mitigating BC

Documents
Mitigating Successor Trustee Liability for Prior Fiduciary ...media.straffordpub.com/products/mitigating-successor-trustee... · Mitigating Successor Trustee Liability for Prior Fiduciary

Mitigating Successor Trustee Liability for Prior Fiduciary ...media.straffordpub.com/products/mitigating-successor-trustee... · Mitigating Successor Trustee Liability for Prior Fiduciary

Documents
Sample-based electronica Instrumental Hip-Hop, IDM, Dubstep, Drum & Bass, Downtempo, Trip-Hop, Glitch-Hop

Sample-based electronica Instrumental Hip-Hop, IDM, Dubstep, Drum & Bass, Downtempo, Trip-Hop, Glitch-Hop

Documents
“Tongue-twisters” Hippity-hoppity, hop! The green grasshoppers Go hop-hop-hop

“Tongue-twisters” Hippity-hoppity, hop! The green grasshoppers Go hop-hop-hop

Documents
Panoramic Tour (no hop-on, hop off) · 2019-11-01 · Panoramic Tour (no hop-on, hop off) Hop-on, Hop-off Tour (cruise ship days only) Big Bus Tours Muscat operates two different

Panoramic Tour (no hop-on, hop off) · 2019-11-01 · Panoramic Tour (no hop-on, hop off) Hop-on, Hop-off Tour (cruise ship days only) Big Bus Tours Muscat operates two different

Documents
Hear no evil, see no evil, patch no evil: Or, how to monkey-patch safely

Hear no evil, see no evil, patch no evil: Or, how to monkey-patch safely

Software
Resident Evil 1 - Créer un blog gratuitement - …ekladata.com/tNr7c6hW9GlQuoMSip3kE8K5yoo.pdfResident Evil: Deadly Silence 56 Resident Evil: Umbrella Chronicles 56 Resident Evil:

Resident Evil 1 - Créer un blog gratuitement - …ekladata.com/tNr7c6hW9GlQuoMSip3kE8K5yoo.pdfResident Evil: Deadly Silence 56 Resident Evil: Umbrella Chronicles 56 Resident Evil:

Documents
HOP-ON HOP-OFF TRIP

HOP-ON HOP-OFF TRIP

Documents
Evil and Suffering. Evil Evil: “physical pain, mental suffering and moral wickedness”(John Hick, Philosophy and Religion) Four types of evil : Natural

Evil and Suffering. Evil Evil: “physical pain, mental suffering and moral wickedness”(John Hick, Philosophy and Religion) Four types of evil : Natural

Documents
Tong hop hop am

Tong hop hop am

Documents
Mitigating Legal Risks of Artificial Intelligence: Best ...media.straffordpub.com/products/mitigating-legal-risks-of... · Mitigating Legal Risks of Artificial Intelligence: Best

Mitigating Legal Risks of Artificial Intelligence: Best ...media.straffordpub.com/products/mitigating-legal-risks-of... · Mitigating Legal Risks of Artificial Intelligence: Best

Documents
Optimal Link State Hop by Hop Routing

Optimal Link State Hop by Hop Routing

Documents
Optimal Link-state Hop-by-hop Routing - Cornell Universitypeople.ece.cornell.edu › atang › pub › 13 › ICNP_HALO.pdf · Optimal Link-state Hop-by-hop Routing Nithin Michael

Optimal Link-state Hop-by-hop Routing - Cornell Universitypeople.ece.cornell.edu › atang › pub › 13 › ICNP_HALO.pdf · Optimal Link-state Hop-by-hop Routing Nithin Michael

Documents
Certification of hops and hop products IHGC list of hop varieties.pdf · Certification of hops and hop products – List of world hop varieties of the International Hop Growers` Convention

Certification of hops and hop products IHGC list of hop varieties.pdf · Certification of hops and hop products – List of world hop varieties of the International Hop Growers` Convention

Documents
Mitigating Risk

Mitigating Risk

Documents
Evil Genius 1 Running Head: EVIL GENIUS - PScience · Evil Genius 1 Running Head: EVIL GENIUS . Evil Genius? How Dishonesty Can Lead to Greater Creativity . Francesca Gino . Harvard

Evil Genius 1 Running Head: EVIL GENIUS - PScience · Evil Genius 1 Running Head: EVIL GENIUS . Evil Genius? How Dishonesty Can Lead to Greater Creativity . Francesca Gino . Harvard

Documents
Individual Mitigating Circumstances & Assessment · Individual Mitigating Circumstances and Assessment Introduction General description of Individual Mitigating Circumstances 1. Individual

Individual Mitigating Circumstances & Assessment · Individual Mitigating Circumstances and Assessment Introduction General description of Individual Mitigating Circumstances 1. Individual

Documents
Mitigating Malware

Mitigating Malware

Documents
See the Little Twinkle, Twinkle, Truck, Jeep Rabbits …...Wake up soon No! Wake up bunnies! Oh, hop little rabbits, hop, hop, hop Hop little rabbits, hop, hop, hop Hop little rabbits,

See the Little Twinkle, Twinkle, Truck, Jeep Rabbits …...Wake up soon No! Wake up bunnies! Oh, hop little rabbits, hop, hop, hop Hop little rabbits, hop, hop, hop Hop little rabbits,

Documents
Mitigating cases

Mitigating cases

Documents
Belfast Hop On - Hop Off

Belfast Hop On - Hop Off

Documents
Mitigating Circumstances

Mitigating Circumstances

Documents
Deliver us from Evil - Anthropology of evil

Deliver us from Evil - Anthropology of evil

Spiritual
Hop Am Guitar Tong Hop

Hop Am Guitar Tong Hop

Documents