Hijacking Wireless Communications using WiFi Pineapple NANO as a Rogue Access Point

Wireless access points are an effective solution for building scalable, flexible, mobile networks. The problem with these access points is often the lack of security. Users regularly connect to wireless access points without thinking about whether they are genuine or malicious. Moreover, users are not aware of the types of attacks that can come from “rogue” access points set up by attackers and what information can be captured by them. Attackers use this advantage to gain access to users’ confidential information. The objective of this study is to examine the effectiveness of the WiFi Pineapple NANO used as a rogue access point (RAP) in tricking users to connect to it. As part of the preliminary study, a brief survey was provided to users who connected to the Pineapple to evaluate the reasons why users connect to RAPs. The result of the cybersecurity pilot study indicated that lack of awareness played an important role. Specifically, users unknowingly connect to rogue wireless access points that put at risk not only their devices, but the whole network. The information collected in this research could be used to better educate users on identifying possible RAPs and the dangers of connecting to them

Deteksi Pineap pada Firmware Wifi Pineapple Menggunakan Smartphone Berbasis Android

Kebutuhan akan akses jaringan nirkabel atau wireless saat ini sangat dibutuhkan oleh hampir semua orang, hampir di semua tempat terdapat akses jaringan wifi. Sebuah ilmu penetrasi jaringan semakin lama selama meningkat, tidak hanya menggunakan suatu penetrasi yang menggunakan perangkat lunak, tetapi sudah merambah ke perangkat keras yang sudah berubah fungsi, tidak lagi berfungsi sebagai menyebar sebuah koneksi data, tetapi sudah merambah sebagai alat penetrasi jaringan, sistem ini berguna untuk mendeteksi adanya sebuah router yang dapat menduplikasi semua router sekitar dengan permintaan probe request, maka dari itu diperlukan suatu alat pendeteksian yang dapat mendeteksi secara real time terhadap router tersebut . penelitian ini menghasilkan suatu alat pendeteksian yang user friendly menggunakan smartphone berbasis android, beserta analisis dan melakukan suatu uji beda pada router yang memiliki firmware wifi pineapple yang memiliki core pineap

Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabilities (WIFI)

The growing volume of attacks on the Internet has increased the demand for more robust systems and sophisticated tools for vulnerability analysis, intrusion detection, forensic investigations, and possible responses. Current hacker tools and technologies warrant reengineering to address cyber crime and homeland security. The being aware of the flaws on a network is necessary to secure the information infrastructure by gathering network topology, intelligence, internal/external vulnerability analysis, and penetration testing. This paper has as main objective to minimize damages and preventing the attackers from exploiting weaknesses and vulnerabilities in the 4 ways handshake (WIFI).We equally present a detail study on various attacks and some solutions to avoid or prevent such attacks in WLAN

DETEKSI PINEAP PADA FIRMWARE WIFI PINEAPPLE MENGGUNAKAN SMARTPHONE BERBASIS ANDROID

Kebutuhan akan akses jaringan nirkabel atau wireless saat ini sangat dibutuhkan oleh hampir semua orang, hampir di semua tempat terdapat akses jaringan wifi. Sebuah ilmu penetrasi jaringan semakin lama selama meningkat, tidak hanya menggunakan suatu penetrasi yang menggunakan perangkat lunak, tetapi sudah merambah ke perangkat keras yang sudah berubah fungsi, tidak lagi berfungsi sebagai menyebar sebuah koneksi data, tetapi sudah merambah sebagai alat penetrasi jaringan, sistem ini berguna untuk mendeteksi adanya sebuah router yang dapat menduplikasi semua router sekitar dengan permintaan probe request, maka dari itu diperlukan suatu alat pendeteksian yang dapat mendeteksi secara real time terhadap router tersebut . penelitian ini menghasilkan suatu alat pendeteksian yang user friendly menggunakan smartphone berbasis android, beserta analisis dan melakukan suatu uji beda pada router yang memiliki firmware wifi pineapple yang memiliki core pineap.Â

Networks and Network Security

The purpose of this thesis is to increase awareness of network security in the office and at home by educating the public, reinforcing business decisions, and providing guidelines for network security

Studying a Virtual Testbed for Unverified Data

It is difficult to fully know the effects a piece of software will have on your computer, particularly when the software is distributed by an unknown source. The research in this paper focuses on malware detection, virtualization, and sandbox/honeypot techniques with the goal of improving the security of installing useful, but unverifiable, software. With a combination of these techniques, it should be possible to install software in an environment where it cannot harm a machine, but can be tested to determine its safety. Testing for malware, performance, network connectivity, memory usage, and interoperability can be accomplished without allowing the program to access the base operating system of a machine. After the full effects of the software are understood and it is determined to be safe, it could then be run from, and given access to, the base operating system. This thesis investigates the feasibility of creating a system to verify the security of unknown software while ensuring it will have no negative impact on the host machine

SDN as a defence mechanism : a comprehensive survey

Investing in cybersecurity is increasingly considered a significant area and aspect a business or organisation should seriously consider. Some of these security solutions are network-based and provide many levels of protection. However, traditional networks are seen to be vendor-specific and are limited, enabling minor to no network flexibility or customisation. Implementing SDN to combat cyberattacks is a workable option for resolving this traditional network constraint. Less attention has been paid to how SDN has been utilised to address security concerns, with most surveys concentrating on the security challenges the SDN paradigm faces. This study aims to provide a comprehensive overview of the state-of-the-art on how SDN has been used to combat attacks between 2017 and 2022 by highlighting the specifics of each literature, its advantages, limitations, and potential areas for further study. This work introduces a taxonomy highlighting SDN’s fundamental traits and contributions as a defence mechanism (SaaDM).peer-reviewe

Wide spectrum attribution: Using deception for attribution intelligence in cyber attacks

Modern cyber attacks have evolved considerably. The skill level required to conduct a cyber attack is low. Computing power is cheap, targets are diverse and plentiful. Point-and-click crimeware kits are widely circulated in the underground economy, while source code for sophisticated malware such as Stuxnet is available for all to download and repurpose. Despite decades of research into defensive techniques, such as firewalls, intrusion detection systems, anti-virus, code auditing, etc, the quantity of successful cyber attacks continues to increase, as does the number of vulnerabilities identified. Measures to identify perpetrators, known as attribution, have existed for as long as there have been cyber attacks. The most actively researched technical attribution techniques involve the marking and logging of network packets. These techniques are performed by network devices along the packet journey, which most often requires modification of existing router hardware and/or software, or the inclusion of additional devices. These modifications require wide-scale infrastructure changes that are not only complex and costly, but invoke legal, ethical and governance issues. The usefulness of these techniques is also often questioned, as attack actors use multiple stepping stones, often innocent systems that have been compromised, to mask the true source. As such, this thesis identifies that no publicly known previous work has been deployed on a wide-scale basis in the Internet infrastructure. This research investigates the use of an often overlooked tool for attribution: cyber de- ception. The main contribution of this work is a significant advancement in the field of deception and honeypots as technical attribution techniques. Specifically, the design and implementation of two novel honeypot approaches; i) Deception Inside Credential Engine (DICE), that uses policy and honeytokens to identify adversaries returning from different origins and ii) Adaptive Honeynet Framework (AHFW), an introspection and adaptive honeynet framework that uses actor-dependent triggers to modify the honeynet envi- ronment, to engage the adversary, increasing the quantity and diversity of interactions. The two approaches are based on a systematic review of the technical attribution litera- ture that was used to derive a set of requirements for honeypots as technical attribution techniques. Both approaches lead the way for further research in this field

Consumer-facing technology fraud : economics, attack methods and potential solutions

The emerging use of modern technologies has not only benefited society but also attracted fraudsters and criminals to misuse the technology for financial benefits. Fraud over the Internet has increased dramatically, resulting in an annual loss of billions of dollars to customers and service providers worldwide. Much of such fraud directly impacts individuals, both in the case of browser-based and mobile-based Internet services, as well as when using traditional telephony services, either through landline phones or mobiles. It is important that users of the technology should be both informed of fraud, as well as protected from frauds through fraud detection and prevention systems. In this paper, we present the anatomy of frauds for different consumer-facing technologies from three broad perspectives - we discuss Internet, mobile and traditional telecommunication, from the perspectives of losses through frauds over the technology, fraud attack mechanisms and systems used for detecting and preventing frauds. The paper also provides recommendations for securing emerging technologies from fraud and attacks

An integrated networkbased mobile botnet detection system

The increase in the use of mobile devices has made them target for attackers, through the use of sophisticated malware. One of the most significant types of such malware is mobile botnets. Due to their continually evolving nature, botnets are difficult to tackle through signature and traditional anomaly based detection methods. Machine learning techniques have also been used for this purpose. However, the study of their effectiveness has shown methodological weaknesses that have prevented the emergence of conclusive and thorough evidence about their merit. To address this problem, in this thesis we propose a mobile botnet detection system, called MBotCS and report the outcomes of a comprehensive experimental study of mobile botnet detection using supervised machine learning techniques to analyse network traffic and system calls on Android mobile devices. The research covers a range of botnet detection scenarios that is wider from what explored so far, explores atomic and box learning algorithms, and investigates thoroughly the sensitivity of the algorithm performance on different factors (algorithms, features of network traffic, system call data aggregation periods, and botnets vs normal applications and so on). These experiments have been evaluated using real mobile device traffic, and system call captured from Android mobile devices, running normal apps and mobile botnets. The experiments study has several superiorities comparing with existing research. Firstly, experiments use not only atomic but also box ML classifiers. Secondly, a comprehensive set of Android mobile botnets, which had not been considered previously, without relying on any form of synthetic training data. Thirdly, experiments contain a wider set of detection scenarios including unknown botnets and normal applications. Finally, experiments include the statistical significance of differences in detection performance measures with respect to different factors. The study resulted in positive evidence about the effectiveness of the supervised learning approach, as a solution to the mobile botnet detection problem