中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/54425
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 78852/78852 (100%)
造訪人次 : 38779378      線上人數 : 798
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
    •  進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/54425


    題名: LETDoWN: A Client-based Solution to Detect an Evil Twin Access Point;LETDoWN: A Client-based Solution to Detect an Evil Twin Access Point
    作者: 薛宇翔;Hsueh,Yu-hsiang
    貢獻者: 資訊工程研究所
    關鍵詞: none;wireless;evil twin;rogue AP
    日期: 2012-07-23
    上傳時間: 2012-09-11 18:50:30 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著網際網路的普及,人們越來越倚賴網際網路來交換資訊,而為了滿足大眾隨時隨地能夠連上網路的需求,行動上網裝置與無線網路也廣泛地被部署和使用,無論在家中、企業中甚至出外旅遊等都離不開無線網路,而近年來政府單位也持續建置公用無線網路服務、打造網路城市,因此,無線網路的安全性也逐漸成為一項重要的議題。雖然無線網路帶來許多便利,但是由於少了實體網路線的連結,在無線網路的環境中存在著更多安全性威脅,而其中一個著名的威脅為 Evil Twin 攻擊。在無線網路的 Evil Twin 攻擊中,攻擊者會架設一個與正常 AP (Access Point) 同名 (SSID) 的 AP,並讓使用者在不知情的狀況下連線至該惡意 AP,藉此從中竊取使用者重要資訊。為了偵測 Evil Twin 攻擊,在先前的研究中大多數方法是由無線網路管理者的角度所提出,藉由檢查 AP 是否在認可的清單中來防止這種攻擊,但是這種作法不但效果有限並且無法在攻擊發生時即時保護一般使用者。雖然在其他研究中有基於用戶端提出一些解決的辦法,但其方法皆存在著一些現實環境中會面臨的局限性,因此,本研究首先提出藉由在使用者裝置上開啟無線網路卡的 Monitor 模式,並配合兩項測試,使得一般使用者在其能力範圍內,能夠對於開放式無線網路進行 Evil Twin 攻擊偵測。Wireless network is becoming extremely popular with the rapid development of wireless LAN technology and the wide deployment of Wi-Fi equipment. In this paper, we proposed a client-based solution detecting ``evil twin' attack in wireless local area networks (WLANs). An evil twin is a kind of rogue Wi-Fi access point (AP) which has the same SSID name to the legitimate one and is set up by an adversary. To the user who associates to the evil twin, adversary may eavesdrops sensitive data of the user on wireless communications to the Internet. Most of existing detection solutions are administrator-based, which is used by wireless network administrator to verify whether a given AP is in an authorized list or not. Such administrator-based solutions are limited, hardly maintained, and difficult to protect users timely when the attack is launched. Hence, we propose a client-based detection by operating the wireless network interface controller (WNIC) in monitor mode and capturing the Internet packets in wireless environment. Through analysing the captured packets, client users can easily and precisely detect the evil twin attack even in a complicated AP scenario as well as avoid any threat arisen from connecting to an AP. Our method does not need to know any authorized AP list, and does not rely on data training or machine learning technique of target wireless network. Finally, we implemented a detecting system, LETDoWN, on Windows 7 operating system, which is widely used nowadays.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML663檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明