Type of Document Master's Thesis Author Khanna, Isha URN etd-12152009-111233 Title Phishing on Open WLANs: Threat and Preventive Measure Degree Master of Science Department Electrical and Computer Engineering Advisory Committee
Advisor Name Title Yang, Yaling Committee Chair Keywords
- Rogue AP
Date of Defense 2009-12-08 Availability unrestricted AbstractPhishing is an internet security issue whose shape is still changing and size is still increasing.
This thesis shows the possibility of a phishing attack on open, private Wireless LANs. Private
WLANs which use a login page to authenticate users in hotels, airports and academic campuses
are all vulnerable to this attack. Virginia Tech's WLAN is used as an example to show that the
attack is possible. The attack combines two very well known attacks: one is to deceptively guide
a user into logging into a fake website, which shows similar log-in page to the page of the
website the user intends to go to, and the second attack is to show users a valid certificate, which
does not show a warning. The rogue server takes the user to a log-in page which is similar to
Virginia Tech's log-in page and shows him a valid security certificate.
We present a solution to the proposed problem. Software is implemented that runs on Windows
Vista. The software warns the user if there are servers with more than one type of security
certificates, claiming to be from the same network. We contrast our method to already existing
methods, and show in what respects our solution is better. The biggest advantage of this method
is that it involves no change on the server side. It is not necessary for the users to have any prior
knowledge of the network, which is very helpful when the users access WLAN at airports and
hotels. Also, when using this method, the user does not need to connect to any network, and is
still able to get a warning. It however, requires the user to be able to differentiate between the
real and fake networks after the user has been warned.
Filename Size Approximate Download Time (Hours:Minutes:Seconds)
28.8 Modem 56K Modem ISDN (64 Kb) ISDN (128 Kb) Higher-speed Access Khanna_I_T_2009.pdf 745.20 Kb 00:03:26 00:01:46 00:01:33 00:00:46 00:00:03
If you have questions or technical problems, please Contact DLA.