Tang, Zhanyong and Zhao, Yujie and Yang, Lei and Qi, Shengde and Fang, Dingyi and Chen, Xiaojiang and Gong, Xiaoqing and Wang, Zheng (2016) DRET : a system for detecting evil-twin attacks in smart homes. In: Smart X 2016, 2016-07-29 - 2016-07-31.
Abstract
Evil-twin is one of most commonly attacks in the WIFI environments, with which an attacker can steal sensitive information by cloning a fake AP in Smart Homes. The current approaches of detecting Evil-twin AP uses some identities/fingerprints of legitimated APs to identify rouge APs. Prior work in the area uses information like SSIDs, MAC addresses, and network traffics to detect bogus APs. However, such information can be easily intimated by the attacker, leading to low detection rates. This paper introduces a novel Evil-Twin AP detection method based on received signal strength indicator (RSSI). Our approach exploits the fact that the AP location is relatively stable in Smart Homes, which is to great extent to meet the requirement of the detection factor not easy to imitate as previous refer. We employ two detection strategies: a single position detection and a multi-positioned detection methods. Our approach exploits the multipath effect of WIFI signals to translate the problem of attack detection into AP positioning detection. Compared to classical detection methods, our approach can perform detection without relying on professional devices. Experimental results show that the single position detection approach achieves 20 seconds’ reduction of delay time with an accuracy of 98%, whereas the multi-positioned detection approach achieves 90% correct.