PENERAPAN EVIL TWIN DETEKTOR DALAM PENDETEKSIAN PENGGANGGU JARINGAN NIRKABEL PADA USER

Nowadays, wireless networking facilities are provided in public places such as fast food restaurant, airports, hotels, campuses and are an attraction for users to use them. The wireless network provided uses an open authentication system and web-based authentication as the second layer used by customers to identify themselves according to the service they have before they can connect to the internet or WiFi Hotspot is a frequently used name. However, unnoticed by the user, it can be utilized by parties who are not entitled to attack and disturb. One of the attacks on wireless networks is the evil twin attack, given the ease in creating it by only duplicating the existing wireless network configuration and forcing users to move to the evil twin network because the installation tends to be closer to the victim's location. Administrator-based detection is one solution that is implemented but has a dependency on the availability of network administrators and supporting devices. To assist users in detecting disturbances, this research proposed client-based evil twin detection that utilizes Medium Access Control (MAC) address data and automatic configuration information provided by a Dynamic Host Configuration Protocol (DHCP) server on a wireless network. Shell programming on the Linux operating system is used to implement the solution. Keywords: Evil Twin Attack, Hotspot WiFi, WiFi Securit

Gateway Independent User-Side Wi-Fi Evil Twin Attack Detection Using Virtual Wireless Clients

Complimentary open Wi-Fi networks offered by most coffee shops, fast food restaurants and airports are inherently insecure. An attacker can easily deceive a wireless client (WC) by setting up a rogue access point (RAP) impersonating the legitimate access point (LAP), which is usually referred as Evil Twin Attack (ETA). To pass a victim\u27s wireless data through to the Internet, an attacker may use the same LAP\u27s gateway, or use a different gateway, such as broadband cellular connection. Most of the existing ETA detection techniques assume that the attacker will use a specific wireless network gateway to pass victim\u27s wireless data. In this paper, we present a real-time client-side detection scheme to detect ETA regardless of the attacker\u27s gateway selection. The proposed ETA detection system considers both ETA scenarios in parallel by creating two Virtual Wireless Clients (VWCs). The first VWC monitors multiple Wi-Fi channels in a random order looking for specific data packets sent by a server on the Internet. Meanwhile, the second VWC warns the WC when the wireless network uses two different gateways by switching from one AP to another in the middle of a secure connection. The effectiveness of the proposed detection method has been mathematically modeled, prototyped and evaluated in real-life environment with a detection rate close to 100%