Trident: Context-based Reverse Authentication for Phishing AP Detection in Commodity WiFi Networks | |
Zhao, Peng ; Bian, Kaigui ; Chen, Ping ; Zhao, Tong ; Duan, Yichun ; Yan, Wei | |
2016 | |
英文摘要 | In urban areas, WiFi is the most widely-deployed portal for users to acquire the broadband access. Meanwhile, phishing AP (access point)-a rogue AP that falsifies the SSID (or even the BSSID) of a legitimate corporate AP-has caused many security problems in commodity WiFi networks. Existing research on the phishing AP detection can be divided into two categories: (1) the hardware-based approach usually deploys sensors (sniffers and/or USB-based wireless adapters) and conducts radio frequency (RF) sensing at a large scale to detect the anomaly at link and physical layers; and (2) the measurement-based approach enables a laptop to determine the legitimacy of a given AP by monitoring the RTT (round trip time) of data and/or control messages. However, these approaches require the additional cost on either the hardware deployment, or periodic statistical measurements. In this paper, we present Trident, a context-based reverse authentication method for detecting phishing AP in commodity WiFi networks, which requires no extra hardware deployment or periodic statistical measurements. Specifically, Trident employs a challenge-response protocol that allows a user to (reversely) authenticate an AP by two steps: (1) sending the AP a few questions regarding three user-context features (time, location, traffic) during the user-AP interaction procedure, and (2) examining the answers returned by the AP to determine its legitimacy. Our experimental results reveal that Trident achieves a high reliability rate(1) of 95% and a detection rate of 98% when users are connecting rogue APs in the commodity WiFi network on campus.; National Nature Science Foundation of China [61272340, 61572051]; CPCI-S(ISTP) |
语种 | 英语 |
出处 | 84th IEEE Vehicular Technology Conference (VTC-Fall) |
内容类型 | 其他 |
源URL | [http://ir.pku.edu.cn/handle/20.500.11897/470145] |
专题 | 信息科学技术学院 |
推荐引用方式 GB/T 7714 | Zhao, Peng,Bian, Kaigui,Chen, Ping,et al. Trident: Context-based Reverse Authentication for Phishing AP Detection in Commodity WiFi Networks. 2016-01-01. |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论