Abstract
Network spoofing is becoming a common attack in wireless networks. The trend is going high due to an increase in Internet users. Similarly, there is a rapid growth of numbers in mobile devices in the working environments and on most official occasions. The trends pose a huge threat to users since they become the prime target of attackers. More unfortunately, mobile devices have weak security measures due to their limited computational powers. Current approaches to detect spoofing attacks focus on personal computers and rely on the network hosts’ capacity, leaving guest users with mobile devices at risk. Some approaches on Android-based devices demand root privilege, which is highly discouraged. This paper presents an Android-based client-side solution to detect the presence of fake access points in a perimeter using details collected from probe responses. Our approach considers the difference in security information and signal level of an access point (AP). We present the detection in three networks, (i) open networks, (ii) closed networks and (iii) networks with captive portals. As a departure from existing works, our solution does not require root access for detection, and it is developed for portability and better performance. Experimental results show that our approach can detect fake access points with an accuracy of 99% and 99.7% at an average of 24.64 and 7.78 milliseconds in open and closed networks, respectively.
Highlights
AND BACKGROUNDT HE global mobile population on the Internet is rapidly expanding, accounting for 48% of global online page views and 50.44% of Internet traffic [1], [2]
This paper proposed a prototype of an Android application to detect hotspot spoofing attacks in wireless network settings using features collected from broadcasting access point (AP)
AP is compared for the differences in capabilities in closed networks, and later Received Signal Strength Indicator (RSSI) value is used when capabilities information appears to be the same
Summary
T HE global mobile population on the Internet is rapidly expanding, accounting for 48% of global online page views and 50.44% of Internet traffic [1], [2]. Despite efforts to prevent mobile devices from connecting to RAP, spoofing attacks are still possible as a result of mobile users’ carelessness with wireless communications [29]. We adopt the method proposed by [23] to detect fake APs with a captive portal by deceiving the portal with fake login credentials, which minimises the risk of users exposing their true credentials to attackers. We do this by simulating a fake captive portal on Android devices. We present a testing experiment in three different network structures and compare results with previous studies
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
