Phishing in the Wireless: Implementation and Analysis
- Web-based authentication is a popular mechanism implemented by Wireless Internet Service Providers (WISPs) because it allows a simple registration and authentication of customers, while avoiding the high resource requirements of the new IEEE 802.11i security standard and the backward compatibility issues of legacy devices. In this work we demonstrate two different and novel attacks against web-based authentication. One attack exploits operational anomalies of low- and middle-priced devices in order to hijack wireless clients, while the other exploits an already known vulnerability within wired-networks, which in dynamic wireless environments turns out to be even harder to detect and protect against.
Author: | Ivan Martinovic, Frank A. Zdarsky, Adam Bachorek, Christian Jung, Jens B. Schmitt |
---|---|
URN: | urn:nbn:de:hbz:386-kluedo-14685 |
Series (Serial Number): | Interner Bericht des Fachbereich Informatik (351) |
Document Type: | Report |
Language of publication: | English |
Year of Completion: | 2006 |
Year of first Publication: | 2006 |
Publishing Institution: | Technische Universität Kaiserslautern |
Date of the Publication (Server): | 2006/11/22 |
Faculties / Organisational entities: | Kaiserslautern - Fachbereich Informatik |
DDC-Cassification: | 0 Allgemeines, Informatik, Informationswissenschaft / 004 Informatik |
Licence (German): | Standard gemäß KLUEDO-Leitlinien vor dem 27.05.2011 |