Abstract
This paper presents a Wi-Fi Evil Twin Man-in-the-Middle (MiTM) attack that uses the channel switch announcement (802.11h). The proposed technique examines, and demonstrates through measurements, the feasibility of performing a successful MiTM attack when the target receives a lower signal strength from the rogue access point (AP) than from the legitimate AP. This signal strength condition can allow a successful MiTM attack to be executed from relatively longer distances, since the rogue AP does not have to compete, in terms of signal strength, with the legitimate AP. Initial results suggest that the attack can be successfully performed. Furthermore, the attack is specific to a target and does not disrupt the operation of other targets, making the attack stealthy.
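For monitoring, the channel switch announcement the abstract refers to is a three-byte information element (element ID 37: switch mode, new channel, switch count) carried in 802.11 management frames. The following sensor-side check is an added example, not code from the paper: it parses an element list and flags an announced switch that the operator did not plan. The BSSID, the sample bytes and the `planned` channel map are constructed assumptions.

```python
# Added example: sensor-side check for Channel Switch Announcement elements.
CSA_ELEMENT_ID = 37  # Channel Switch Announcement element ID (IEEE 802.11h)

def iter_elements(body: bytes):
    """Yield (element_id, payload) pairs from a management frame's element list."""
    off = 0
    while off + 2 <= len(body):
        eid, length = body[off], body[off + 1]
        payload = body[off + 2 : off + 2 + length]
        if len(payload) < length:  # truncated element: stop parsing
            return
        yield eid, payload
        off += 2 + length

def find_csa(body: bytes):
    """Return the CSA fields as a dict, or None if no well-formed CSA is present."""
    for eid, payload in iter_elements(body):
        if eid == CSA_ELEMENT_ID and len(payload) == 3:
            mode, new_channel, count = payload
            return {"mode": mode, "new_channel": new_channel, "count": count}
    return None

def check_frame(bssid: str, body: bytes, planned: dict):
    """Alert when a frame announces a switch to a channel the operator did not plan.

    `planned` maps BSSID -> set of channels (hypothetical sensor configuration).
    """
    csa = find_csa(body)
    if csa is None or csa["new_channel"] in planned.get(bssid, set()):
        return None
    return (f"unplanned CSA from {bssid}: new channel {csa['new_channel']}, "
            f"mode {csa['mode']}, count {csa['count']}")

def element(eid: int, payload: bytes) -> bytes:
    """Build one element (ID, length, payload) for the constructed sample."""
    return bytes([eid, len(payload)]) + payload

# Constructed sample: SSID, DS Parameter Set (channel 6), CSA to channel 11.
SAMPLE = (element(0, b"corp-wifi") + element(3, bytes([6]))
          + element(CSA_ELEMENT_ID, bytes([1, 11, 3])))
PLANNED = {"02:00:00:00:00:01": {1, 6}}  # constructed BSSID and channel plan

if __name__ == "__main__":
    print(check_frame("02:00:00:00:00:01", SAMPLE, PLANNED))
```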
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Louca, C., Peratikou, A., Stavrou, S. (2021). 802.11 Man-in-the-Middle Attack Using Channel Switch Announcement. In: Ghita, B., Shiaeles, S. (eds) Selected Papers from the 12th International Networking Conference. INC 2020. Lecture Notes in Networks and Systems, vol 180. Springer, Cham. https://doi.org/10.1007/978-3-030-64758-2_5
DOI: https://doi.org/10.1007/978-3-030-64758-2_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64757-5
Online ISBN: 978-3-030-64758-2
eBook Packages: Engineering, Engineering (R0)