Deceiving Attackers in Wireless Local Area Networks Using Decoys

Abstract

Detecting a malicious activity like fingerprinting on wireless local area network is a challenging task. With cyber deception strategy, we can gather information about the malicious activity by placing honeypots that can act as a trap to lure the attacker. Cyber deception is a conventional method to cloak real-time environment into a virtual legitimate environment. Our analysis shows that deception is an existing strategy in a wired LAN environment. This paper provides a wider perspective of deception strategy on wireless LAN. We primarily focus on the evil twin access point which causes serious threat to the legitimate Wi-Fi access points. Here a novel approach has been suggested to detect and identify the malicious activity by deceiving the attackers in their evil twin access points using decoys which are honeypots. The paper also provides a reliable way to gather the attacker’s activity information. We can also detect SSL stripping and DNS spoofing attack using this approach.