

Type of Document: Master's Thesis
Author: Khanna, Isha
URN: etd-12152009-111233
Title: Phishing on Open WLANs: Threat and Preventive Measure
Degree: Master of Science
Department: Electrical and Computer Engineering
Advisory Committee:
- Yang, Yaling (Committee Chair)
Keywords:
- Phishing
- Rogue AP
- SSL
- Certificate
Date of Defense: 2009-12-08
Availability: unrestricted
Abstract:
Phishing is an internet security issue whose shape is still changing and size is still increasing. This thesis shows the possibility of a phishing attack on open, private Wireless LANs. Private WLANs which use a login page to authenticate users in hotels, airports and academic campuses are all vulnerable to this attack. Virginia Tech's WLAN is used as an example to show that the attack is possible. The attack combines two very well known attacks: one is to deceptively guide a user into logging into a fake website, which shows a log-in page similar to the page of the website the user intends to go to, and the second attack is to show users a valid certificate, which does not show a warning. The rogue server takes the user to a log-in page which is similar to Virginia Tech's log-in page and shows him a valid security certificate.

We present a solution to the proposed problem. Software is implemented that runs on Windows Vista. The software warns the user if there are servers with more than one type of security certificate claiming to be from the same network. We contrast our method to already existing methods, and show in what respects our solution is better. The biggest advantage of this method is that it involves no change on the server side. It is not necessary for the users to have any prior knowledge of the network, which is very helpful when the users access WLAN at airports and hotels. Also, when using this method, the user does not need to connect to any network, and is still able to get a warning. It does, however, require the user to be able to differentiate between the real and fake networks after the user has been warned.
Files:
Approximate download time is given as Hours:Minutes:Seconds.

| Filename | Size | 28.8 Modem | 56K Modem | ISDN (64 Kb) | ISDN (128 Kb) | Higher-speed Access |
|---|---|---|---|---|---|---|
| Khanna_I_T_2009.pdf | 745.20 Kb | 00:03:26 | 00:01:46 | 00:01:33 | 00:00:46 | 00:00:03 |