Twin Ghosts: Evil Twin Attacks in Wireless Networks and Defense Mechanisms

Year 2024, Volume: 14 Issue: 2, 58 - 74, 26.12.2024

İlker Kara

https://doi.org/10.17678/beuscitech.1450756

Abstract

With the increasing adoption of wireless network technologies, a variety of attacks targeting these networks have emerged, posing significant threats to user security. One prominent type of attack is the evil twin attack, which involves the creation of fake access points, often referred to as "evil twins." In this type of attack, a malicious actor sets up a fake access point (AP) designed to closely resemble a legitimate one, thereby deceiving users into believing it is trustworthy. By exploiting these fake APs, attackers can capture user credentials and gain unauthorized access to sensitive information, potentially leading to financial exploitation or system breaches. Due to the covert nature of evil twin attacks, they can be highly effective without the users' awareness. In this study, explores the risks posed by evil twin attacks and investigates defense strategies to address the security challenges in wireless networks. To achieve this, a scenario involving an evil twin attack is developed and analyzed. In this scenario, an attacker establishes a fake wireless access point in a café or public area near the targeted institution, replicating the institution's network name and security settings to trick users into connecting to the malicious network. This study underscores the potential impacts of such attacks and outlines critical measures that both users and institutions should implement to safeguard against these threats.

Keywords

Evil Twin Attack, Security, Wireless Access Point, Fake Access Point

References

• H. Gonzales, K. Bauer, J. Lindqvist, D. McCoy, D. Sicker, "Practical defenses for evil twin attacks in 802.11," In 2010 IEEE Global Telecommunications Conference GLOBECOM 2010 IEEE. 2010. pp. 1-6.
• P. Shrivastava, J. Mohd Saalim and K. Kotaro, "EvilScout: Detection and mitigation of evil twin attack in SDN enabled WiFi." IEEE Transactions on Network and Service Management vol.17.1, pp. 89-102. 2020.
• R. Banakh, A. Piskozub, I. Opirskyy, "Devising A Method For Detecting Evil Twin” Attacks On Ieee 802.11 Networks (Wi-Fi) Wıth Knn Classıfıcatıon Model. Eastern-European Journal of Enterprise Technologies, vol.9, pp.123, 2023.
• F. Lanze, A. Panchenko, I. Ponce-Alcaide, T. Engel, "Undesired relatives: protection mechanisms against the evil twin attack in IEEE 802.11," In Proceedings of the 10th ACM symposium on QoS and security for wireless and mobile networks, pp. 87-94, 2014.
• L. M. da Silva, V. M. Andreghetti, R. A. F. Romero, K. R. L. J. C. Branco, "Analysis and Identification of Evil Twin Attack through Data Science Techniques Using AWID3 Dataset," In Proceedings of the 6th International Conference on Machine Learning and Machine Intelligence pp. 128-135. 2023.
• A.S. Guide, "Evil Twins: Handling Repetitions in Attack-Defense Trees," In Graphical Models for Security: 4th International Workshop, GraMSec 2017, Santa Barbara, CA, USA, August 21, 2017, Revised Selected Papers, Springer. Vol. 10744, p. 17, 2018.
• R. Muthalagu, S. Sanjay, "Evil twin attack mitigation techniques in 802.11 networks," International Journal of Advanced Computer Science and Applications, vol.6, pp.12, 2021.
• M.S. Ahmad, S. Lutfi, and S. D. Abdullah. "Extended generic process model for analysis mitm attack based on evil twin." Journal of Physics: Conference Series. Vol. 1569. No. 2. IOP Publishing, 2020.
• Q. Lu, H. Qu, Y. Zhuang, X.J. Lin, Y. Zhu, Y. Liu, "A passive client-based approach to detect evil twin attacks," In 2017 IEEE Trustcom/BigDataSE/ICESS, pp. 233-239, 2017.
• A. Esser, C. Serrao, "Wi-Fi network testing using an integrated Evil-Twin framework," In 2018 Fifth International Conference on Internet of Things: Systems, Management and Security, IEEE. pp. 216-221, 2018.