Deceiving Attackers in Wireless Local Area Networks Using Decoys
Keywords: Wi-Fi, Cyber deception, Evil twin, Decoys, SSL stripping
Detecting malicious activity such as fingerprinting on a wireless local area network is a challenging task. With a cyber deception strategy, we can gather information about the malicious activity by placing honeypots that act as traps to lure the attacker. Cyber deception is a conventional method of cloaking the real environment behind a virtual environment that appears legitimate. Our analysis shows that deception is an existing strategy in wired LAN environments. This paper provides a wider perspective on deception strategy for wireless LANs. We primarily focus on the evil twin access point, which poses a serious threat to legitimate Wi-Fi access points. We suggest a novel approach to detect and identify malicious activity by deceiving attackers in their evil twin access points using decoys, which are honeypots. The paper also provides a reliable way to gather information about the attacker's activity. This approach can also detect SSL stripping and DNS spoofing attacks.