CPU600 Project: Detecting and Preventing Evil Twin Attacks

Verified

Added on 2023/05/30

AI Summary

This project investigates and proposes solutions to enhance the security of wireless networks, specifically addressing the threat of evil twin attacks. The project leverages the Raspberry Pi platform to detect and prevent unauthorized access points that mimic legitimate networks, potentially capturing user traffic and sensitive information. The methodology involves building a Raspberry Pi-based system that identifies fake access points by analyzing probe requests and responses. The proposed solution is divided into two parts: one on the access point side and another on the operating system side. The project aims to improve the robustness of detection, mitigate security risks, and meet the needs of end-users by implementing security measures. The research also reviews existing literature on evil twin attacks, identifies security problems, and evaluates the overall project's effectiveness. The project also suggests methods for securing a local server, including blocking unauthorized access, limiting open ports, regularly changing passwords, and utilizing intrusion detection systems. The project emphasizes the importance of network security on both the client and server sides. The project concludes with the importance of securing the raspberry pi, and the devices connected to it, and provides a summary of best practices for securing a device, and the network.

C O M P U T E R & N E T W O R K S
S E C U R I T Y

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

INTRODUCTION
• The raspberry Pi boards are effective for any project due to its cost effectiveness, easy usage,
various programmable GPIO pins, various USB port and CPU availability.
• The raspberry pi can be utilized for all types of automation and information gathering.
• Raspberry pi can be hacked.
• Thus, it is essential to secure the raspberry pi and the other connected devices on the network.
• The hackers are interested in hacking the raspberry pi, because it is an entry point for the
internal network, which could be used for attacking the other hosts.
• Moreover, its computing power could be abused for operations such as mining cryptocurrency.
• The attackers can easily collect the file servers, install ransomware, make changes to the
firewall and the settings of router for ensuring continuous access, to perform harmful actions in
the future.

INTRODUCTION
• The lack of wireless Network’s security is known when an individual is connected to the
network (Cisco, 2018).
• For example, the cafes such as Starbuck and Macdonald are the places where the attacker tries
to carry out the man-in-the-middle attacks.
• The attacker make sure to set up a spoof Wi-Fi AP that looks similar to the legitimate network,
but it captures the traffic and collects confidential information, for performing fraudulent
activities.
• Therefore, this research work improves the security of wireless network against illegitimate
access point.
• It needs to identify the techniques that effectively prevent or mitigate the attacks on the
wireless network.

RESEARCH QUESTIONS
The following are the research questions:
• Will the robustness of detection improve?
• Can the raspberry pi be secured with security measures implemented to meet the needs of the
end users?
• Can the security risks be mitigated?
• Will the raspberry pi technique detect and prevent from Evil Twin Attack on the Wireless
Networks?

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

AIM
• The aim of this research includes improving the wireless network’s security against the
illegitimate APs. This needs identification of techniques that efficiently secures to mitigate the
risks of attacks on the wireless network. It’s results might include loss of confidential
information, which can be used for various fraudulent activities.
•

OBJECTIVES
This research’s objectives are:
• To build a raspberry pi which is connected with the wireless network, to identify and prevent it
from the evil twin attacks.
• To test the raspberry pi, to ensure that the implemented security measures meet the needs of the
end users.
• To recognize the security problems, which the users of wireless network bring up.
• To evaluate the overall research project.

LITERATURE REVIEW
• The preliminary literature review explains the existing researches and methods related to the
detection against the evil twin attacks. Then, the review concentrates mainly on finding the
solution for protection from the evil twin attacks. Further, the study provides the understanding
on how identifying and mitigating the risks are the important steps to prevent the network from
the unauthorised attacks. Thus, the importance of identifying the evil twin attacks is
determined. The previous related research on the research problem and their strength and
weakness and a justification of your research are determined. Therefore, this research ensures
to provide a simple mechanism for protecting and detecting the evil twin attacks.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

RESEARCH METHODOLOGY
• Literature review is the primary research method for this research work. The constraints are
identified and classified in a structured approach in two parts i.e., part 1 and part 2. The part 1
is executed on the AP side, and part 2 is implemented on the OS (operating system), where
even the Evil Twin attack is detected.

PROPOSED WORK
• The proposed methodology is divided in two part as follows:
Part 1
• The process begins when the wireless client has a fake access point (AP). Because, it senses the
same AP name (SSID), the wireless client directs the request frame to that AP. Immediately,
when the AP receives the probe request frame it goes to the table and frisks for that SSID, if it
is present then it checks the corresponding MAC address and ‘TIME’. Later, it sends the
corresponding response frame to the wireless device with ‘TIME’ otherwise if SSID is not
present in the table then a new entry has to be made for that SSID with ‘TIME’ equal to zero,
which signifies that it belongs to ANL. Then, transmits the response frame
(SSID/BSSID/TIME) followed by which the Authentication and Association exchange takes
place. This ensures successfully establishing the connection. The flowchart in figure 1,
illustrates the described process.

PART 2
• This part is on the OS side and the process begins as soon as the probe response frame is
received by the OS. Then, it goes to the table that stores the SSID/BSSID/TIME of several APs
previously associated with it and searches for the SSID, where it actually tries to match it with
the equivalent BSSID and TIME. When each information matches, then it moves to the next
step, where connection is established. In case, if the information differs then it generates a
warning message that states, “Fake Access Point Detected.” Further, it doesn’t incorporate such
connection (Kumar, Raj and Paul, 2009).