This paper focuses on a very pertinent issue in the field of cybersecurity, particularly concerning the increased use of public Wi-Fi and the proliferation of IoT devices. The scenario, where an attacker captures user details through a malicious access point set up through a NodeMCU, is a practical illustration of a Man-in-the-Middle (MitM) attack. These attacks are especially concerning in the context of smart homes and smart cities, where security breaches can lead to severe privacy invasions and disruptions of essential services. The NodeMCU, being a low-cost, open-source IoT platform, is accessible for creating such malicious access points. It can be programmed to mimic legitimate Wi-Fi hotspots to intercept the data of unsuspecting users. This type of attack can enable unauthorized access to sensitive information such as login credentials, personal data, and even control over connected IoT devices. This approach is user-friendly and can significantly reduce the risk of users unknowingly connecting to malicious websites. The contribution of this paper includes a demonstration and analysis of a common network and IoT attack and a novel method for detecting fraudulent URLs, particularly those used in phishing attacks. By addressing these aspects, the paper makes a significant contribution to the field of cybersecurity and helps foster a more secure and resilient network and IoT ecosystem.
Read full abstract