An Detection And Protection Method For Man-In-The-Middle Attacks In The Wireless Networks

In the wireless network environment, all of the users can access the wireless channel. Therefore, if some users exploit this feature by mimicking the characteristics of the central wireless access point (AP), they can intercept almost the information through the network. This scenario is referred as the Man-in-the-middle (MITM) attack. In the MITM attack, the attackers set up a rogue AP to spoof the clients. In this thesis, we focus on the detection method of MITM attacks in Wi-Fi network. It is making a contribution to the detection and protection of MITM attacks in the wirless networks.This thesis introduces the entire process of performing and detecting the MITM attack into two separate sections. The first section starts from creating a rogue AP by imitating the characteristic of a legitimate AP. Then a multi-point jamming attack is conducted to kidnap the clients and force them to connect to the rogue AP. Furthermore, the sniffer software can intercept the private information passing through the rogue AP.The second section focuses on the detection of MITM attacks from two aspects:jamming attacks detection and rogue AP detection. In order to enable the network to perform defensive strategies more effectively, distinguishing the different types of jamming attacks is necessary. We begin by using signal strength consistency mechanism in order to detect jamming attacks. Then, based on the statistical data of packets-send-ratio (PSR) and packets-delivery-ratio (PDR) in different jamming situations, a model is built to further differentiate the jamming attacks. At the same time, we gather the received-signal-strength-indication (RSSI) values from three monitor-nodes which process the random RSSI values employing a sliding window algorithm. According to the mean and standard deviation curve of RSSI, we can detect whether a rogue AP is present within the vicinity. All these proposed approaches, either attack or detection, have been validated via computer simulations and experimental hardware implementations including Backtrack5Tools and MATLAB software suite.The contents of this article are part of the863National Research and Development Project.And a paper named "An Improved Detection Method for Different Types of Jamming Attacks in Wireless Networks"has been published in ICSAI2014International Conference.