Title :
Case of study: Identity theft in a university WLAN Evil twin and cloned authentication web interface
Author :
Briones, Jose Maria ; Coronel, Mario Alejandro ; Chavez-Burbano, P.
Author_Institution :
Fac. de Ing. en Electr. y Comput., Escuela Super. Politec. del Litoral (ESPOL), Guayaquil, Ecuador
Abstract :
This paper is about the insecurity of the Wireless LAN of a university that is supposed to be available only for students and teachers through a username and a password. This attack shows how to deceive a user making him think he is connecting to a real access point and entering his information in the real web interface that the university provides for user authentication. We create a fake access point using the same name of the university´s WLAN to capture login credentials using a fake authentication web interface and then use this information for identity theft. After the demonstration we present possible solutions and recommendations to be aware and avoid this kind of attacks that are a high risk for the security of students and teachers.
Keywords :
computer network security; educational administrative data processing; message authentication; user interfaces; wireless LAN; cloned authentication Web interface; evil twin attack; fake access point; fake authentication Web interface; identity theft; local area network; login credentials; university WLAN; user authentication; wireless LAN; Authentication; Educational institutions; Servers; Wireless LAN; Wireless networks; evil tween; identity theft; wireless;
Conference_Titel :
Computer and Information Technology (WCCIT), 2013 World Congress on
Conference_Location :
Sousse
Print_ISBN :
978-1-4799-0460-0
DOI :
10.1109/WCCIT.2013.6618697
