Browse > Article
http://dx.doi.org/10.7840/kics.2014.39B.1.17

A Method of Authenticating WLAN APs for Smartphones  

Shin, DongOh (인하대학교 컴퓨터정보공학과 정보호호연구실)
Kang, Jeonil (인하대학교 컴퓨터정보공학과 정보호호연구실)
Nyang, DaeHun (인하대학교 컴퓨터정보공학과 정보호호연구실)
Lee, Sokjoon (한국전자통신연구원 사이버보안연구본부)
Lee, KyungHee (수원대학교 전기공학과)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.39B, no.1, 2014 , pp. 17-28 More about this Journal
Abstract
The increase of smartphone users have made mobile carriers offload increasingly congested traffic of 3/4G by providing Wi-Fi hot-spots in the public places such as coffee shops and subway stations. In the traditional authentication in WLAN, the users should convince the service providers that they are valid customers before they use WLAN services. Since the authentication protocol is designed for service providers. Even with the mutual authentication based on the IEEE 802.1X, which is supported by IEEE 802.11 standard, it is difficult to be convinced of that the service providers really have installed the WLAN APs, which users are confronted with. An attacker can install rogue APs that masquerade as legitimate APs by copying the SSID, MAC address, etc. in order to obtain users' private information. In this paper, we introduce a method of authenticating legitimate APs for smartphone users. And we show our proposal can be well utilized for the current Wi-Fi hot-spots as a security plug-in and prove it through our experiments.
Keywords
WLAN AP; smartphone; authentication; geometric positioning system; rogue AP prevention;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Editors of IEEE 802.11, "Wireless LAN medium access control (MAC and physical layer (PHY) specification, draft," Standard IEEE 802.11, 1997.
2 I. Kim, J. Cho, T. Shon, and J. Moon, "A method for detecting unauthorized access point over 3G network," J. The Korea Institute of Information Security & Cryptology(JKIISC), vol. 22, no. 2, pp. 259-266, Apr. 2012.   과학기술학회마을
3 S. Kang, D. Nyang, J. Choi, and S. Lee, "Relaying rogue AP detection scheme using SVM," J. The Korea Institute of Information Security & Cryptology(JKIISC), vol. 23, no. 3, pp. 431-444, Jun. 2013.   과학기술학회마을   DOI
4 H. Han, B. Sheng, C. C. Tan, Q. Li, and S. Lu, "A measurement based rogue ap detection scheme," in Proc. INFOCOM, pp. 1593-1601, Rio de Janeiro, Brasil, Apr. 2009.
5 H. Han, B. Sheng, C.C. Tan, Q. Li, and S. Lu, "A timing-based scheme for rogue AP detection," IEEE Trans. Parallel and Distributed Syst., vol. 22, no. 11, pp. 1912-1925, Nov. 2011.   DOI   ScienceOn
6 A. J. Nicholson, Y. Chawathe, M. Y. Chen, B. D. Noble, and D. Wetherall, "Improved access point selection," in Proc. MobiSys '06, pp. 233-245, NY, Jun. 2006.
7 D. Denning and P. Macdoran, "Location-based authentication: Grouding cyberspace for better security," Computer Fraud & Security, vol. 2, pp. 12-16, Feb. 1996.
8 H. Takamizawa and K. Kaijiri, "A web authentication system using location information from mobile telephones," in Proc. IASTED Int'l Conf. Web-based Education, pp. 31-36, Phuket, Thailand, Mar. 2009.
9 F. Zhang, A. Kondoro, and S. Muftic, "Location-based authentication and authorization using smart phones," in Proc. Trust, Security and Privacy in Computing and Commun. (TrustCom), pp. 1285-1292, Liverpool, UK, Jun. 2012.
10 Korea Internet & Security Agency, Wireless LAN security guide, Dec. 2011.
11 SKT, T Wi-Fi zone, Retrieved Dec., 5, 2013, from http://www.twifi.co.kr/.
12 KT, olleh Wi-Fi zone, Retrieved Dec., 5, 2013, from http://zone.wifi.olleh.com/.
13 LG U+, U+ Wi-Fi zone, Retrieved Dec. 5, 2013, from http://www.wifiworld.co.kr/main.s2.
14 Daum DNA Developer Network, Local API, Retrieved Dec. 5, 2013, from http://dna.daum.net/apis/local.
15 Naver Developer Center, Map API, Retrieved Dec. 5, 2013, from http://developer.naver.com/wiki/pages/MapAPI.
16 Google Developers, Google Maps API, Retrieved Dec. 5, 2013, from https://developers.google.com/maps/.
17 IEEE Report 802.11-03/845r1. (2003). Receiver sensitivity tables for MIMO-OFDM 802.11n, Nov. 2003.
18 J. M. Keenan, and A. J. Motley, "Radio coverage in buildings," J. British Telecom Technol., vol. 8, no. 1, pp. 19-24, Jan. 1990.
19 B. Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, 1996.
20 E. Spafford, "Opus: Preventing weak password choices," Computer and Security, vol. 11, pp. 273-278, May 1992.   DOI
21 Y. Maeng, K. Kang, D. Nyang, and K. Lee, "On nessage length efficiency of two security schemes using bloom filter", KIPS Trans.: Part C, vol. 19C, no, 3, pp. 173-178, Jun. 2012.   DOI
22 S. von Watzdorf and F. Michahelles, "Accuracy of positioning data on smartphones," in Proc. 3rd Int'l Workshop on Location and the Web (LOCWEB), Article no. 2, NY, USA, Nov. 2010.
23 Ministry of Science, ICT and Future Planning, Plan to increase the number of public Wi-Fi zones to 12,000 by 2017, Retrieved Jul., 12, 2013, from http://www.msip.go.kr.