Abstract
The security issue of public WiFi is gaining more and more concern. By listening to probe requests, an adversary can obtain the SSID list of the APs to which a smartphone previously connected, and utilizes this information to trick the smartphone into associating to it. However, with the enhancement of security level, most smartphones now do not proactively disclose their SSID lists, making these attacks obsolete. In this paper, we propose City-Hunter, an attacker that can lure nearby smartphones without knowing their SSID information. City-Hunter establishes and maintains an SSID database by integrating both offline and online information. Meanwhile, it smartly chooses some SSIDs to hit a smartphone according to the past record and freshness. We evaluate the performance of City-Hunter in different public places. The results demonstrate that City-Hunter is able to successfully hit 12% ∼ 18% smartphones without knowing their SSID information, which is about 4 ∼ 8 times improvement compared to the similar attacks like KARMA and MANA.
Original language | English |
---|---|
Title of host publication | Proceedings - IEEE 37th International Conference on Distributed Computing Systems, ICDCS 2017 |
Publisher | IEEE |
Pages | 162-171 |
Number of pages | 10 |
ISBN (Electronic) | 9781538617915 |
DOIs | |
Publication status | Published - 13 Jul 2017 |
Event | 37th IEEE International Conference on Distributed Computing Systems, ICDCS 2017 - J.W. Marriott Hotel, Atlanta, United States Duration: 5 Jun 2017 → 8 Jun 2017 |
Conference
Conference | 37th IEEE International Conference on Distributed Computing Systems, ICDCS 2017 |
---|---|
Country/Territory | United States |
City | Atlanta |
Period | 5/06/17 → 8/06/17 |
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Computer Networks and Communications