【摘要】：無(wú)線局域網(wǎng)(WLAN:Wireless LAN)作為固網(wǎng)和移動(dòng)通信網(wǎng)的一種有效的補(bǔ)充手段,是傳統(tǒng)運(yùn)營(yíng)商和移動(dòng)運(yùn)營(yíng)商業(yè)務(wù)發(fā)展的重點(diǎn)。因此,隨著城市無(wú)線局域網(wǎng)熱點(diǎn)在公共場(chǎng)所大規(guī)模的部署,無(wú)線局域網(wǎng)安全變得尤為突出和重要。由于無(wú)線電通信特殊的輻射性、無(wú)線空間傳播信道的開(kāi)放性,導(dǎo)致包括：假冒攻擊、網(wǎng)絡(luò)欺騙、信息竊取等諸多不安全因素,使網(wǎng)絡(luò)運(yùn)營(yíng)和通信信息的安全受到極大威脅,其中無(wú)線釣魚接入點(diǎn)(AP:Access Poi nt)攻擊是無(wú)線網(wǎng)絡(luò)中嚴(yán)重的安全威脅之一。攻擊者一般會(huì)在具有城市公共熱點(diǎn)或其他網(wǎng)絡(luò)熱點(diǎn)的區(qū)域部署無(wú)線釣魚AP,無(wú)線釣魚AP和合法授權(quán)的AP具有相同的無(wú)線網(wǎng)絡(luò)名稱(SSID:Service Set Identifier),使得受害者誤以為是合法授權(quán)的接入點(diǎn)進(jìn)行連接,從而導(dǎo)致一系列的無(wú)線網(wǎng)絡(luò)攻擊發(fā)生,如無(wú)線中間人攻擊和無(wú)線釣魚攻擊。因此,本文主要討論的就是在這些無(wú)線網(wǎng)絡(luò)攻擊發(fā)生之前,或者用戶接入無(wú)線網(wǎng)絡(luò)之前檢測(cè)出目標(biāo)無(wú)線網(wǎng)絡(luò)中是否存在無(wú)線釣魚AP。文章中首先介紹了無(wú)線釣魚AP相關(guān)原理,包括無(wú)線釣魚AP的構(gòu)造實(shí)現(xiàn)原理和攻擊原理。其次,介紹了無(wú)線釣魚AP檢測(cè)技術(shù)的研究現(xiàn)狀并對(duì)現(xiàn)有檢測(cè)技術(shù)進(jìn)行分類比較。文章中研究了基于無(wú)線設(shè)備特征指紋的無(wú)線釣魚AP檢測(cè)技術(shù),利用無(wú)線設(shè)備固有的特征指紋來(lái)區(qū)分真假AP。文章中將無(wú)線設(shè)備特征指紋分為兩類：基于無(wú)線端的特征指紋和基于特種MAC幀刺激響應(yīng)的特征指紋,并通過(guò)相關(guān)實(shí)驗(yàn)提取這些特征指紋。特征指紋提取實(shí)驗(yàn)結(jié)果表明,這兩類無(wú)線設(shè)備的特征指紋可以檢測(cè)出目前大部分無(wú)線釣魚AP。最后,文章提出了一種面向用戶、輕量級(jí)、高效率、低錯(cuò)誤率的無(wú)線釣魚AP檢測(cè)方案。
[Abstract]:Wireless local area network (WLAN:Wireless LAN), as an effective supplementary means of fixed network and mobile communication network, is the focus of the development of traditional operators and mobile operators. Therefore, with the large-scale deployment of urban WLAN hot spots in public places, WLAN security becomes particularly prominent and important. Due to the special radiance of radio communication and the openness of wireless space communication channel, many unsafe factors, such as counterfeit attack, network deception, information theft, etc., threaten the network operation and the security of communication information. Phishing access Point (AP:Access Poi nt) is one of the serious security threats in wireless network. Attackers typically deploy phishing AP, phishing AP and legally authorized AP with the same wireless network name (SSID:Service Set Identifier),) in areas with urban public hot spots or other network hotspots The victim is mistaken for the connection of legally authorized access points, which leads to a series of wireless network attacks, such as wireless man-in-the-middle attacks and phishing attacks. Therefore, the main discussion in this paper is to detect the existence of phishing AP. in the target wireless network before these wireless network attacks occur, or before the user accesses the wireless network This paper first introduces the related principles of the phishing AP, including the construction realization principle and attack principle of the phishing AP. Secondly, this paper introduces the research status of AP detection technology and classifies and compares the existing detection techniques. In this paper, a wireless phishing AP detection technology based on wireless device feature fingerprint is studied, and the inherent feature fingerprint of wireless device is used to distinguish true and false AP.. In this paper, the feature fingerprint of wireless device is divided into two categories: one is based on wireless end and the other is based on special MAC frame stimulus response. The experimental results of feature fingerprint extraction show that the feature fingerprints of these two types of wireless devices can detect most of the current wireless phishing AP.. Finally, this paper presents a lightweight, efficient and low error rate wireless phishing AP detection scheme.
【學(xué)位授予單位】：南京郵電大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TN915.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前1條

1 黃芬;打造“中興網(wǎng)絡(luò)”的特征指紋[J];通信世界;2004年28期

相關(guān)碩士學(xué)位論文 前1條

1 顧楊;基于無(wú)線設(shè)備特征指紋的無(wú)線釣魚接入點(diǎn)檢測(cè)技術(shù)研究[D];南京郵電大學(xué);2014年

，

本文編號(hào)：2394248