Deceiving Attackers in Wireless Local Area Networks Using Decoys

Authors

  • A. Aswin Kumar TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India
  • Ashok Kumar Mohan TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India
  • P. P. Amritha TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India

DOI:

https://doi.org/10.13052/2245-1439.7114

Keywords:

Wi-Fi, Cyber deception, Evil twin, Decoys, SSL stripping

Abstract

Detecting a malicious activity like fingerprinting on wireless local area network is a challenging task. With cyber deception strategy, we can gather information about the malicious activity by placing honeypots that can act as a trap to lure the attacker. Cyber deception is a conventional method to cloak real-time environment into a virtual legitimate environment. Our analysis shows that deception is an existing strategy in a wired LAN environment. This paper provides a wider perspective of deception strategy on wireless LAN. We primarily focus on the evil twin access point which causes serious threat to the legitimate Wi-Fi access points. Here a novel approach has been suggested to detect and identify the malicious activity by deceiving the attackers in their evil twin access points using decoys which are honeypots. The paper also provides a reliable way to gather the attacker’s activity information. We can also detect SSL stripping and DNS spoofing attack using this approach.

 

Downloads

Download data is not yet available.

Author Biographies

A. Aswin Kumar, TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India

A. Aswin Kumar is pursuing his M.Tech. in Cyber Security at TIFAC-CORE in Cyber Security from Amrita School of Engineering, Coimbtore and will graduate in 2018. He is currently working at Council of Scientific and Industrial Research – Fourth Paradigm (CSIR-4PI) as a part of the Students Programme for Advancement in Research Knowledge (SPARK) for his M.Tech. thesis. His area of research include Network Security and Reverse Engineering.

Ashok Kumar Mohan, TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India

Ashok Kumar Mohan, M.Tech. specialized in Cyber Security, is a Research Associate at TIFAC-CORE in Cyber Security, Amrita Vishwa Vidyapeetham, Coimbatore, Tamil Nadu, India. He is currently a Ph.D. scholar doing his research in the area of Cyber Forensics funded by Ministry of Electronics & Information Technology (Government of India) under Visvesvaraya PhD scheme for Electronics and IT. He is currently pursuing his research over the cyber security core vicinity in Metadata Forensics, Wireless Security Auditing, Rumor Prediction in Social Media Networks and Slack Space Analysis of NTFS File Systems. He is also the Certified EC-Council Instructor (CEI) for ethical hacking and penetration testing certification courses at the research centre.

P. P. Amritha, TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India

P. P. Amritha received her M.Tech. in Cyber Security from AmritaUniversity. She is now a Ph.D. scholar at Amrita University. Her current research interests include: Steganography and Code Obfuscation.

References

Roth, V., Polak, W., Rieffel, E., and Turner, T. (2008). Simple and effective defense against evil twin access points. In Proceedings of the first ACM conference on Wireless network security (pp. 220–235). ACM.

Bauer, K., Gonzales, H., and McCoy, D. (2008, December). Mitigating evil twin attacks in 802.11. In IEEE International Performance, computing and communications conference, 2008. IPCCC 2008. (pp. 513–516). IEEE.

Lanze, F., Panchenko, A., Ponce-Alcaide, I., and Engel, T. (2014). Undesired relatives: protection mechanisms against the evil twin attack in IEEE 802.11. In Proceedings of the 10th ACM symposium on QoS and security for wireless and mobile networks (pp. 87–94). ACM.

Modi, V., and Parekh, C. (2017). Detection & Analysis of Evil Twin Attack in Wireless Network. International Journal of Advanced Research in Computer Science, 8(5).

Mohan, A. K., and Sethumadhavan, M. (2017). Wireless Security Auditing: Attack Vectors and Mitigation Strategies. Procedia Computer Science, 115, 674–682.

Heckman, K. E., Stech, F. J., Schmoker, B. S., and Thomas, R. K. (2015). Denial and deception in cyber defense. Computer, 48(4), 36–44.

Almeshekah, M. H., Spafford, E. H., and Atallah, M. J. (2013). Improving security using deception. Center for Education and Research Information Assurance and Security, Purdue University, Tech. Rep. CERIAS Tech Report, 13, 2013.

Horák, K., Zhu, Q., and Bošanskı, B. (2017). Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security. In International Conference on Decision and Game Theory for Security (pp. 273–294). Springer, Cham.

Heckman, K. E., Stech, F. J., Schmoker, B. S., and Thomas, R. K. (2015). Denial and deception in cyber defense. Computer,48(4), 36–44.

Wafi, H., Fiade, A., Hakiem, N., and Bahaweres, R. B. (2017). Implementation of a modern security systems honeypot Honey Network on wireless networks. In 2017 International Young Engineers Forum (YEF-ECE), (pp. 91–96). IEEE.

Santoro, D., Escudero-Andreu, G., Kyriakopoulos, K. G., Aparicio-Navarro, F. J., Parish, D. J., and Vadursi, M. (2017). A hybrid intrusion detection system for virtual jamming attacks on wireless networks. Measurement, 109, 79–87.

Rodrigues, M., and Shobayo, O. (2017). Design and Implementation of a Low-Cost Low Interaction IDS/IPS System Using Virtual Honeypot Approach. Covenant Journal of Informatics & Communication Technology, 5(1), 48–64.

Agrawal, N., and Tapaswi, S. (2017). The Performance Analysis of Honeypot Based Intrusion Detection System for Wireless Network. International Journal of Wireless Information Networks, 24(1), 14–26.

Maksutov, A. A., Cherepanov, I. A., and Alekseev, M. S. (2017). Detection and prevention of DNS spoofing attacks. In Data Science and Engineering (SSDSE), 2017 Siberian Symposium on (pp. 84–87). IEEE.

Puangpronpitag, S., and Sriwiboon, N. (2012). Simple and lightweight HTTPS enforcement to protect against SSL striping attack. In 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks (CICSyN), (pp. 229–234). IEEE.

Clark, J., and van Oorschot, P. C. (2013). SoK: SSL and HTTPS: Revisiting past challenges and evaluating certificate trust model enhancements. In 2013 IEEE Symposium on Security and Privacy (SP), (pp. 511–525). IEEE.

Nath, H. V. (2011). Vulnerability Assessment Methods–A Review. In International Conference on Network Security and Applications(pp. 1–10). Springer, Berlin, Heidelberg.

Downloads

Published

2018-01-11

How to Cite

1.
Kumar AA, Mohan AK, Amritha PP. Deceiving Attackers in Wireless Local Area Networks Using Decoys. JCSANDM [Internet]. 2018 Jan. 11 [cited 2024 May 12];7(1-2):201-14. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/5295

Issue

2018: Vol 7 Iss 1-2

Section

Articles

Most read articles by the same author(s)