Practical Defenses for Evil Twin Attacks in 802.11
Open-access 802.11 wireless networks are commonly deployed in cafes, bookstores, and other public spaces to provide free Internet connectivity. These networks are convenient to deploy, requiring no out-of-band key exchange or prior trust relationships. However, such networks are vulnerable to a variety of threats including the evil twin attack where an adversary clones a client's previously-used access point for a variety of malicious purposes including malware injection or identity theft. The authors propose defenses that aim to maintain the simplicity, convenience, and usability of open-access networks while offering increased protection from evil twin attacks.