A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication

Aldo Cassola, William Robertson, Engin Kirda, Guevara Noubir
Northeastern University, College of Computer and Information Science
Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA USA, 2013

Wireless networking technologies have fundamentally changed the way we compute, allowing ubiquitous, anytime, anywhere access to information. At the same time, wireless technologies come with the security cost that adversaries may receive signals and engage in unauthorized communication even when not physically close to a network. Because of the utmost importance of wireless security, many standards have been developed that are in wide use to secure sensitive wireless networks; one such popular standard is WPA Enterprise. In this paper, we present a novel, highly practical, and targeted variant of a wireless evil twin attack against WPA Enterprise networks. We show significant design deficiencies in wireless management user interfaces for commodity operating systems, and also highlight the practical importance of the weak binding between wireless network SSIDs and authentication server certificates. We describe a prototype implementation of the attack, and discuss countermeasures that should be adopted. Our user experiments with 17 technically-sophisticated users show that the attack is stealthy and effective in practice. None of the victims were able to detect the attack.