A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication

Aldo Cassola, William Robertson, Engin Kirda, Guevara Noubir

Producción científica: Contribución a una conferenciaArtículorevisión exhaustiva

49 Citas (Scopus)

Resumen

Wireless networking technologies have fundamentally changed the way we compute, allowing ubiquitous, anytime, any-where access to information. At the same time, wireless technologies come with the security cost that adversaries may receive signals and engage in unauthorized communication even when not physically close to a network. Because of the utmost importance of wireless security, many standards have been developed that are in wide use to secure sensitive wireless networks; one such popular standard is WPA Enterprise. In this paper, we present a novel, highly practical, and targeted variant of a wireless evil twin attack against WPA Enterprise networks. We show significant design deficiencies in wireless management user interfaces for commodity operating systems, and also highlight the practical importance of the weak binding between wireless network SSIDs and authentication server certificates. We describe a prototype implementation of the attack, and discuss countermeasures that should be adopted. Our user experiments with 17 technically-sophisticated users show that the attack is stealthy and effective in practice. None of the victims were able to detect the attack.

Idioma originalInglés
EstadoPublicada - 2013
Publicado de forma externa
Evento20th Annual Network and Distributed System Security Symposium, NDSS 2013 - San Diego, Estados Unidos
Duración: 24 feb. 201327 feb. 2013

Conferencia

Conferencia20th Annual Network and Distributed System Security Symposium, NDSS 2013
País/TerritorioEstados Unidos
CiudadSan Diego
Período24/02/1327/02/13

Huella

Profundice en los temas de investigación de 'A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication'. En conjunto forman una huella única.

Citar esto