Enhancing the Reliability of Wi-Fi Network Using Evil Twin AP Detection Method Based on Machine Learning

  • Seo, Jeonghoon (Dept. of Computer Science Engineering, Chungnam National University) ;
  • Cho, Chaeho (Dept. of Computer Science Engineering, Chungnam National University) ;
  • Won, Yoojae (Dept. of Computer Science Engineering, Chungnam National University)
  • Received : 2019.10.11
  • Accepted : 2020.03.12
  • Published : 2020.06.30

Abstract

Wireless networks have become integral to society because they offer mobility and scalability. Their drawback is that the transmission medium cannot be controlled, which leaves them vulnerable to various types of attacks. One such attack is the evil twin access point (AP) attack, in which an authorized AP is impersonated by mimicking its service set identifier (SSID) and media access control (MAC) address. Evil twin APs are a major source of deception in wireless networks, facilitating message forgery and eavesdropping, so they must be detected rapidly. Numerous evil twin AP detection methods based on clock skew have been proposed. However, clock skew is difficult to calculate precisely because wireless networks are vulnerable to noise. This paper proposes an evil twin AP detection method that uses a multiple-feature-based machine learning classification algorithm. The features used in the proposed method are clock skew, channel, received signal strength, and duration. Experimental results indicate that the proposed method achieves an evil twin AP detection accuracy of 100% using the random forest algorithm.
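As an added illustration (not code from the paper), the following example estimates the first of those features, clock skew, with a least-squares line fit over beacon timestamps and compares it with a stored baseline for the authorized AP. The sample format, the `synth_beacons` helper, the 5 ppm tolerance and the constructed jitter are assumptions; the paper combines skew with channel, received signal strength and duration in a classifier instead of checking skew alone.

```python
# Added example: clock-skew estimation from 802.11 beacon timestamps.
# Assumption: each sample is (local_rx_us, beacon_tsf_us), i.e. the monitor's
# receive time and the TSF timestamp carried in the beacon, both in microseconds.

BEACON_INTERVAL_US = 102_400  # common default beacon interval (100 TU)


def estimate_skew_ppm(samples):
    """Least-squares slope of (TSF - local time) against local time, in ppm."""
    if len(samples) < 2:
        raise ValueError("need at least two beacons")
    rx0, tsf0 = samples[0]
    xs = [rx - rx0 for rx, _ in samples]
    # Offset between the AP clock and the monitor clock at each beacon.
    ys = [(tsf - tsf0) - (rx - rx0) for rx, tsf in samples]
    n = len(samples)
    mean_x, mean_y = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mean_x) ** 2 for x in xs)
    if sxx == 0:
        raise ValueError("beacons must span a non-zero time window")
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, ys))
    return sxy / sxx * 1e6


def matches_baseline(samples, baseline_ppm, tolerance_ppm=5.0):
    """True if the observed skew agrees with the authorized AP's baseline.

    tolerance_ppm is an assumed value; tune it on real captures.
    """
    return abs(estimate_skew_ppm(samples) - baseline_ppm) <= tolerance_ppm


def synth_beacons(skew_ppm, count=600):
    """Constructed sample data: beacons from a clock with the given skew,
    received with deterministic jitter of up to +/-50 us (stand-in for noise)."""
    out = []
    for i in range(count):
        t = i * BEACON_INTERVAL_US
        jitter = (i * 37) % 101 - 50
        out.append((t + jitter, round(t * (1 + skew_ppm / 1e6))))
    return out


if __name__ == "__main__":
    baseline = 20.0  # constructed baseline skew of the authorized AP, in ppm
    for label, skew in (("authorized AP", 20.0), ("same SSID/MAC, other clock", -35.0)):
        beacons = synth_beacons(skew)
        print(label, round(estimate_skew_ppm(beacons), 2),
              "match" if matches_baseline(beacons, baseline) else "MISMATCH")
```

Shortening the capture window makes the same jitter move the estimate further, which is the noise sensitivity the abstract refers to.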
