Solution to the wireless evil-twin transmitter attack

In a wireless network comprising some receivers and a truth-teller transmitter, an attacker adds a malicious evil-twin transmitter to the network such that the evil-twin lies about its true identity and transmits like the truth-teller transmitter in the network. The truth-teller transmitter may be a malicious transmitter as well, but it is honest in that it doesn't lie about its identity. The evil-twin uses the identity of the truth teller and transmits at the same time as the truth-teller. The receivers are bound to get confused about the location of the honest transmitter. We describe an algorithm to detect such a wireless evil-twin attack, and locate the truth-teller and the evil-twin transmitter. Four-square antennas are used by the receivers to detect an attack. RSS values measured at the receivers are used by Hyperbolic Position Bounding (HPB) to locate the transmitters in the wireless network with a degree of confidence. The performance of the algorithm is tested using a simulation of a wireless network.

[1]  Jie Yang,et al.  Determining the Number of Attackers and Localizing Multiple Adversaries in Wireless Spoofing Attacks , 2009, IEEE INFOCOM 2009.

[2]  Volker Roth,et al.  Simple and effective defense against evil twin access points , 2008, WiSec '08.

[3]  David R. Cheriton,et al.  Detecting identity-based attacks in wireless networks using signalprints , 2006, WiSe '06.

[4]  Yong Sheng,et al.  Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[5]  Theodore S. Rappaport,et al.  Wireless communications - principles and practice , 1996 .

[6]  Lorne Christopher Liechty,et al.  Path Loss Measurements and Model Analysis of a 2.4 GHz Wireless Network in an Outdoor Environment , 2007 .

[7]  Bo Sheng,et al.  A Measurement Based Rogue AP Detection Scheme , 2009, IEEE INFOCOM 2009.

[8]  Richard P. Martin,et al.  Detecting and Localizing Wireless Spoofing Attacks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[9]  H.T. Friis,et al.  A Note on a Simple Transmission Formula , 1946, Proceedings of the IRE.

[10]  Michel Barbeau,et al.  Insider attack attribution using signal strength-based hyperbolic location estimation , 2008, Secur. Commun. Networks.

[11]  Lorne Liechty,et al.  Developing the Best 2.4 GHz Propagation Model from Active Network Measurements , 2007, 2007 IEEE 66th Vehicular Technology Conference.