Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks
Wireless clients are vulnerable to exploitation by evil twins due to flaws in the authentication process of 802.11 Wi-Fi networks. Current certificate-based wireless authentication protocols present a potential solution, but are limited in their ability to provide a secure and usable platform for ce...
| Main Author: | |
|---|---|
| Format: | Others |
| Published: |
BYU ScholarsArchive
2016
|
| Subjects: | |
| Online Access: | https://scholarsarchive.byu.edu/etd/6115 https://scholarsarchive.byu.edu/cgi/viewcontent.cgi?article=7115&context=etd |
| id |
ndltd-BGMYU2-oai-scholarsarchive.byu.edu-etd-7115 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-BGMYU2-oai-scholarsarchive.byu.edu-etd-71152019-05-16T03:36:13Z Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks Hendershot, Travis S. Wireless clients are vulnerable to exploitation by evil twins due to flaws in the authentication process of 802.11 Wi-Fi networks. Current certificate-based wireless authentication protocols present a potential solution, but are limited in their ability to provide a secure and usable platform for certificate validation. Our work seeks to mitigate these limitations by exploring a client-side strategy for utilizing alternative trust models in wireless network authentication. We compile a taxonomy of various trust models for conducting certificate-based authentication of wireless networks and methodically evaluate each model according to desirable properties of security, usability, and deployability. We then build a platform for leveraging alternative certificate-based trust models in wireless networks, present a proof-of-concept using one of the most promising alternative validation models identified--a whitelisting and pinning hybrid--and examine its effectiveness at defending against evil twin attacks in 802.11 networks. 2016-11-01T07:00:00Z text application/pdf https://scholarsarchive.byu.edu/etd/6115 https://scholarsarchive.byu.edu/cgi/viewcontent.cgi?article=7115&context=etd http://lib.byu.edu/about/copyright/ All Theses and Dissertations BYU ScholarsArchive Wireless networks authentication public key cryptography evil twin Computer Sciences |
| collection |
NDLTD |
| format |
Others
|
| sources |
NDLTD |
| topic |
Wireless networks authentication public key cryptography evil twin Computer Sciences |
| spellingShingle |
Wireless networks authentication public key cryptography evil twin Computer Sciences Hendershot, Travis S. Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks |
| description |
Wireless clients are vulnerable to exploitation by evil twins due to flaws in the authentication process of 802.11 Wi-Fi networks. Current certificate-based wireless authentication protocols present a potential solution, but are limited in their ability to provide a secure and usable platform for certificate validation. Our work seeks to mitigate these limitations by exploring a client-side strategy for utilizing alternative trust models in wireless network authentication. We compile a taxonomy of various trust models for conducting certificate-based authentication of wireless networks and methodically evaluate each model according to desirable properties of security, usability, and deployability. We then build a platform for leveraging alternative certificate-based trust models in wireless networks, present a proof-of-concept using one of the most promising alternative validation models identified--a whitelisting and pinning hybrid--and examine its effectiveness at defending against evil twin attacks in 802.11 networks. |
| author |
Hendershot, Travis S. |
| author_facet |
Hendershot, Travis S. |
| author_sort |
Hendershot, Travis S. |
| title |
Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks |
| title_short |
Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks |
| title_full |
Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks |
| title_fullStr |
Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks |
| title_full_unstemmed |
Towards Using Certificate-Based Authentication as a Defense Against Evil Twins in 802.11 Networks |
| title_sort |
towards using certificate-based authentication as a defense against evil twins in 802.11 networks |
| publisher |
BYU ScholarsArchive |
| publishDate |
2016 |
| url |
https://scholarsarchive.byu.edu/etd/6115 https://scholarsarchive.byu.edu/cgi/viewcontent.cgi?article=7115&context=etd |
| work_keys_str_mv |
AT hendershottraviss towardsusingcertificatebasedauthenticationasadefenseagainsteviltwinsin80211networks |
| _version_ |
1719187394307031040 |