You are here
DENIAL OF CONVENIENCE ATTACK TO SMARTPHONES USING A FAKE WI-FI ACCESS POINT
- Date Issued:
- 2012
- Abstract/Description:
- In this thesis, we consider a novel denial of service attack targeted at popular smartphone operating systems. This type of attack, which we call a Denial of Convenience (DoC) attack, prevents non-technical savvy victims from utilizing data services by exploiting the connectivity management protocol of smartphones' operating systems when encountered with a Wi-Fi access point. By setting up a fake Wi-Fi access point without Internet access (using simple devices such as a laptop), an adversary can prompt a smartphone with enabled Wi-Fi features to automatically terminate a valid mobile broadband connection and connect to this fake Wi-Fi access point. This, as a result, prevents the targeted smartphone from having any type of Internet connection unless the victim is capable of diagnosing the problem and disabling the Wi-Fi features manually. For the majority of smartphone users that have little networking knowledge, this can be a challenging task. We demonstrate that most current smartphones, including iPhone and Android phones, are vulnerable to this DoC attack. To address this attack, we propose implementing a novel Internet-access validation protocol to validate a Wi-Fi access point by taking advantage of the cellular network channel. It first uses the cellular network to send a secret to an Internet validation server, and tries to retrieve this secret via the newly established Wi-Fi channel to validate the connection of the Wi-Fi channel.
Title: | DENIAL OF CONVENIENCE ATTACK TO SMARTPHONES USING A FAKE WI-FI ACCESS POINT. |
25 views
8 downloads |
---|---|---|
Name(s): |
Dondyk, Erich, Author Zou, Cliff, Committee Chair University of Central Florida, Degree Grantor |
|
Type of Resource: | text | |
Date Issued: | 2012 | |
Publisher: | University of Central Florida | |
Language(s): | English | |
Abstract/Description: | In this thesis, we consider a novel denial of service attack targeted at popular smartphone operating systems. This type of attack, which we call a Denial of Convenience (DoC) attack, prevents non-technical savvy victims from utilizing data services by exploiting the connectivity management protocol of smartphones' operating systems when encountered with a Wi-Fi access point. By setting up a fake Wi-Fi access point without Internet access (using simple devices such as a laptop), an adversary can prompt a smartphone with enabled Wi-Fi features to automatically terminate a valid mobile broadband connection and connect to this fake Wi-Fi access point. This, as a result, prevents the targeted smartphone from having any type of Internet connection unless the victim is capable of diagnosing the problem and disabling the Wi-Fi features manually. For the majority of smartphone users that have little networking knowledge, this can be a challenging task. We demonstrate that most current smartphones, including iPhone and Android phones, are vulnerable to this DoC attack. To address this attack, we propose implementing a novel Internet-access validation protocol to validate a Wi-Fi access point by taking advantage of the cellular network channel. It first uses the cellular network to send a secret to an Internet validation server, and tries to retrieve this secret via the newly established Wi-Fi channel to validate the connection of the Wi-Fi channel. | |
Identifier: | CFH0004159 (IID), ucf:44838 (fedora) | |
Note(s): |
2012-05-01 B.S.C.E. Engineering and Computer Science, Dept. of Electrical Engineering and Computer Science Bachelors This record was generated from author submitted information. |
|
Subject(s): |
Smartphone Cybersecurity |
|
Persistent Link to This Record: | http://purl.flvc.org/ucf/fd/CFH0004159 | |
Restrictions on Access: | campus 2013-04-01 | |
Host Institution: | UCF |