TL;DR
This paper investigates the security vulnerabilities of the GWireless network, demonstrating how an 'evil twin' attack can capture user credentials, and discusses methods to prevent such attacks.
Contribution
It provides a detailed analysis of the 'evil twin' attack on enterprise Wi-Fi networks and evaluates mitigation strategies.
Findings
Evil twin attack can successfully capture authentication hashes.
Feasibility of the attack depends on specific hardware and software configurations.
Preventive measures can significantly reduce the risk of credential theft.
Abstract
Wireless networking has become very popular in recent years due to the increase in adoption of mobile devices. As more and more employees demand for Wi-Fi access for their devices, more companies have been jumping onto the "Bring Your Own Device" (BYOD) bandwagon[1] to appease their employees. One such example of an enterprise wireless infrastructure is the George Washington University's GWireless. For this project, I will attempt to capture hashes of authentication credentials from users who are connecting to the GWireless network using what is commonly known as the "evil twin" attack. I will document the hardware, software used and steps taken to configure the devices. I will then evaluate the feasibility of such an attack, explore variations of the attack and document measures that can be taken to prevent such an attack.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Malware Detection Techniques