Portal de Periódicos da CAPES

Detecting and Blocking Unauthorized Access in Wi-Fi Networks

2004; Springer Science+Business Media; Linguagem: Inglês

10.1007/978-3-540-24693-0_65

1611-3349

Haidong Xia, José Carlos Brustoloni,

Internet Traffic Analysis and Secure E-voting

Academic and commercial 802.11 hotspots often use an SSL-secured captive portal to authenticate clients. Captive portals provide good usability and interoperability, but poor security. After a captive portal has authenticated a client, session hijacking and freeloading allow attackers to capture or use the client’s session. Freeloading does not require special tools and, surprisingly, is strengthened by the (widely recommended) use of personal firewalls. We propose and evaluate novel defenses against these attacks, session id checking and MAC sequence number tracking, both of which are transparent to clients and do not require changes in client computers. Experiments demonstrate that the proposed defenses are effective against the mentioned attacks and have little overhead.