Twitter
« Cryptographic Flaws in Skype for Business | Main | Why it is Hard to Implement Cryptographic Algorithms »
Tuesday
Jan172017

Whitepaper: Identifying Rogue Access Point Attacks Using Probe Response Patterns and Signal Strength

Last summer we released material at DEF CON 2016 documenting our research on rogue access point attack detection. As a follow-up, we are releasing our extended whitepaper on the subject. The whitepaper begins by providing a thorough overview of the weaknesses that make 802.11 susceptible to rogue access point attacks. We also explain why these weaknesses are still relevant in today’s wireless landscape, with a particular focus on enterprise environments. Previous attempts at remediating these issues are also explored, as is the evolution of rogue access point technology over the past decade. Finally, with this background information out of the way, we deliver two new techniques for detecting evil twin and Karma attacks. Potential areas for future research are also identified, providing a starting point for future exploratory endeavors.

Our whitepaper can be found at the following URL:

https://github.com/gdssecurity/Whitepapers/blob/master/GDS Labs - Identifying Rogue Access Point Attacks Using Probe Response Patterns and Signal Strength.pdf

To check out our previous work on the subject, including our DEF CON material and Sentrygun rogue AP killing software, please refer to the links below:

https://github.com/gdssecurity/sentrygun
https://github.com/gdssecurity/sentrygun-server
https://www.youtube.com/watch?v=dtNUFGnToQs
https://docs.google.com/presentation/d/1uwlF2nl6EtC70yryK8MleACMl72EGwkCZWng5eVONOQ/edit