Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Cyberspace Safety and Security

CSS 2012: Cyberspace Safety and Security pp 153–164Cite as

Robust Authentication of Public Access Points Using Digital Certificates – A Novel Approach

  • Conference paper

  • 2430 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7672))

Abstract

This paper present a novel Certificate-based authentication of public access points (APs). The presented approach is the first to consider authentication of public APs. It is also the first work to consider using digital Certificates for public AP authentication. Normally, when a user wants to access internet in public hot-spots like airports, coffee shops, library, etc., there is often lack of information for the user to make an informed decision on which AP to connect. Consequently, an adversary can easily place a rogue AP in a public hotspot luring users to connect to his AP. Unfortunately, most people focus their attention to the signal strength of the AP and the service fee, and very little attention to the security of the AP. This makes the job of the adversary significantly easier. The adversary can simply place a rogue AP with a look alike name (SSID) that is free to users. With the proposed Certificate-based authentication of APs, the user can readily see available certified APs in range and choose to connect to the one they prefer based on any parameter of choice – signal strength, service provider, fees, etc. Finally, we have shown that an adversary can neither generate fake Certificates nor steal the Certificate from a certified AP and cause significant damage. We have also addressed defense against most common threats to public APs such as – replay attacks, man-in-the-middle attacks, and fabrication attacks. The proposed solution is very robust in validating the authenticity of public APs and isolating rogue APs.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ai-Salihy, W.A.-H., Samsudin, A.: A New Proposed Protocol of Router’s CA Certificate. In: International Conference on Computing & Informatics (ICOCI 2006), Kuala Lumpur, Malaysia (June 2006)

    Google Scholar 

  2. Chen, E.Y., Ito, M.: Using End-to-Middle Security to Protect against Evil Twin Access Points. In: World of Wireless, Mobile and Multimedia Networks & Workshops (WoWMoM 2009), Psalidi, Greece (June 2009)

    Google Scholar 

  3. Sawicki, K., Piotrowski, Z.: The proposal of IEEE 802.11 network access point authentication mechanism using a covert channel. In: International Conference on Microwaves, Radar and Wireless Communications, Warsaw, Poland (May 2012)

    Google Scholar 

  4. Jana, S., Kasera, S.K.: On Fast and Accurate Detection of Unauthorized Wireless Access Points Using Clock Skews. IEEE Transactions on Mobile Computing (March 2010)

    Google Scholar 

  5. Shetty, S., Ma, L.: Rogue Access Point Detection by Analyzing Network Traffic Characteristics. In: Military Communications Conference (MILCOM 2007), Florida, USA (October 2007)

    Google Scholar 

  6. Bahl, P., Chandra, R., Padhye, J., Ravindranath, L., Singh, M., Wolman, A., Zill, B.: Enhancing the security of corporate Wi-Fi networks using DAIR. In: Proceeding of ACM MobiSys 2006(2006)

    Google Scholar 

  7. Adya, A., Bahl, P., Chandra, R., Qiu, L.: Architecture and techniques for diagnosing faults in IEEE 802.11 infrastructure networks. In: Proceedings of ACM MobiCom 2004 (2004)

    Google Scholar 

  8. Han, H., Sheng, B., Tan, C.C., Li, Q., Lu, S.: A Measurement Based Rogue AP Detection Scheme. In: IEEE INFOCOM 2009, Rio de Janeiro, Brazil (April 2009)

    Google Scholar 

  9. Watkins, L., Beyah, R., Corbett, C.: A Passive Approach to Rogue Access Point Detection. In: Global Telecommunications Conference (GLOBECOM 2007), California, USA (November 2007)

    Google Scholar 

  10. Wei, W., Suh, K., Gu, Y., Wang, B., Kurose, J.: Passive online rogue access point detection using sequential hypothesis testing with TCP ACK-pairs. Technical Report, UM-CS-2006-060 (November 2006)

    Google Scholar 

  11. Beyah, R., Kangude, S., Yu, G., Strickland, B., Copeland, J.: Rogue Access Point Detection using Temporal Traffic Characteristics. In: Proc. of IEEE GLOBECOM (December 2004)

    Google Scholar 

  12. Ma, L., Teymorian, A.Y., Cheng, X., Song, M.: RAP: Protecting Commodity Wi-Fi Networks from Rogue Access Points. In: Proceedings of Qshine 2007 (2007)

    Google Scholar 

  13. Introduction to Digital Certificates, http://www.verisign.com.au/repository/tutorial/digital/intro1.shtml

  14. Skickley, J.: Wireless Networking: Fertile Ground for Social Engineering. In: Beautiful Security, ch. 2. O’Reilly Press (2009) ISBN:978-0-596-52748-8

    Google Scholar 

  15. Sheng, Y., Tan, K., Chen, G., Kotz, D., Campbell, A.: Detecting 802.11 MAC layer spoofing using received signal strength. In: Proceeding of IEEE INFOCOM 2008 (2008)

    Google Scholar 

  16. Brik, V., Banerjee, S., Gruteser, M., Oh, S.: Wireless device identification with radiometric signatures. In: Proceeding of ACM Mobicom 2008 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, George Mason University, Fairfax, VA, 22030, USA

    Avinash Srinivasan & Lashidhar Chennupati

Authors
  1. Avinash Srinivasan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lashidhar Chennupati
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University, 221 Burwood Highway, 3125, Burwood, VIC, Australia

    Yang Xiang  & Wanlei Zhou  & 

  2. Computer Science Department, ETSI Informatica, University of Malaga, Campus de Teatinos, 29170, Malaga, Spain

    Javier Lopez

  3. Ming Hsieh Department of Electrical Engineering, University of Southern California, 3740 McClintock Ave., 90089-2564, Los Angeles, CA, USA

    C.-C. Jay Kuo

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Srinivasan, A., Chennupati, L. (2012). Robust Authentication of Public Access Points Using Digital Certificates – A Novel Approach. In: Xiang, Y., Lopez, J., Kuo, CC.J., Zhou, W. (eds) Cyberspace Safety and Security. CSS 2012. Lecture Notes in Computer Science, vol 7672. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35362-8_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35362-8_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35361-1

  • Online ISBN: 978-3-642-35362-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation