Academic and commercial 802.11 hotspots often use an SSL-secured captive portal to authenticate clients. Captive portals provide good usability and interoperability, but poor security. After a captive portal has authenticated a client, session hijacking and freeloading allow attackers to capture or use the client's session. Freeloading does not require special tools and, surprisingly, is strengthened by the (widely recommended) use of personal firewalls. We propose and evaluate novel defenses against these attacks, session id checking and MAC sequence number tracking, both of which are transparent to clients and do not require changes in client computers. Experiments demonstrate that the proposed defenses are effective against the mentioned attacks and have little overhead. © IFIP International Federation for Information Processing 2004.
CITATION STYLE
Xia, H., & Brustoloni, J. (2004). Detecting and blocking unauthorized access in Wi-Fi networks. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3042, 795–806. https://doi.org/10.1007/978-3-540-24693-0_65
Mendeley helps you to discover research relevant for your work.