【摘要】：無線局域網(wǎng)(WLAN:Wireless Local Area Networks)是一種有效的移動互聯(lián)網(wǎng)連接方式,在平常的生活中隨處可見。WLAN的實現(xiàn)協(xié)議有很多,其中應(yīng)用最廣泛的是Wi-Fi,因為它能夠消除各終端的差異性,能快速便捷的使各終端連接無線網(wǎng)絡(luò)。隨著智能移動設(shè)備的興起,人們對Wi-Fi的依賴逐漸加深,Wi-Fi已經(jīng)是移動互聯(lián)網(wǎng)不可或缺的一部分。通過便攜式的終端設(shè)備,人們可以使用無線Wi-Fi方便快速的接入互聯(lián)網(wǎng)的社交、瀏覽網(wǎng)頁、網(wǎng)上購物甚至是游戲娛樂等活動。然而隨著無線局域網(wǎng)在生活中的普及,面臨的安全問題也十分凸顯。針對無線局域網(wǎng)的攻擊手段層出不窮,其中無線接入點(AP)的釣魚攻擊是無線網(wǎng)絡(luò)中嚴重的安全威脅之一。無線接入點釣魚攻擊是指黑客利用無線設(shè)備,模擬出一個類似或者完全一樣的偽AP,將其配置與真實AP相同各項性能指標(biāo)以及屬性,使得接入者無法判斷真假,從而誤連上假的AP后導(dǎo)致遭受竊取密碼等攻擊。無線釣魚AP被稱為不合法的接入點,并非是因為它不由政府機構(gòu)或者運營商部署,而是因為布置此裝置的目的是為了竊取機密,造成破壞。無線釣魚攻擊具有隱蔽性,因為對發(fā)動攻擊所需要的設(shè)備和環(huán)境要求不高,攻擊成功的整個過程也很短。攻擊者可以輕易的發(fā)動無線DOS攻擊阻斷正常連接或者采用“中間人”攻擊竊取機密,利用Wi-Fi自動重連的機制對用戶進行釣魚。智能終端在多數(shù)存在無線熱點的場景下都會選擇連接無線熱點來提高連接網(wǎng)絡(luò)的速度,但對該無線熱點的安全性及可靠性卻無法有效地判斷和識別,一旦接入惡意釣魚的無線熱點可能會導(dǎo)致終端內(nèi)的數(shù)據(jù)泄露或者重要的信息泄密,給用戶的信息安全帶來極大的威脅。針對虛假熱點和釣魚熱點竊取用戶信息的問題,目前國內(nèi)主要的移動終端檢測方式大多停留在檢測熱點的名稱和熱點的加密屬性這一階段,稱為特征指紋檢測。這種檢測方法實用性較低,容易被攻擊者破解。為了確保無線接入的安全,除了需要根據(jù)無線熱點的特征屬性對無線安全環(huán)境做參考外還需要進行更加主動有效的方法。本文設(shè)計一種可適用于移動終端設(shè)備的基于主動探測的無線釣魚檢測技術(shù),根據(jù)無線AP的SSID、MAC地址、IP地址、加密方式四個特征指紋來檢測,然后再針對私人Wi-Fi與運營商公共Wi-Fi的不同特性設(shè)計不同的主動探測方案,可以使釣魚攻擊的檢測更加準確,使人們更加放心的享受無線網(wǎng)絡(luò)帶來的方便。綜上所述,從事無線安全檢測技術(shù)在終端實現(xiàn)的研究應(yīng)該具有廣闊的應(yīng)用前景和很大的實踐研究價值。
[Abstract]:Wireless local area network (WLAN:Wireless Local Area Networks) is an effective way to connect to the mobile Internet. It can be seen everywhere in daily life. Among them, the most widely used protocol is Wi-Fi, because it can eliminate the differences between terminals. Can make each terminal connect wireless network quickly and conveniently. With the rise of smart mobile devices, people's dependence on Wi-Fi has deepened and Wi-Fi has become an integral part of the mobile Internet. Through portable terminal devices, people can use wireless Wi-Fi to quickly access the Internet social, browse the web, shopping online and even games and entertainment activities. However, with the popularity of WLAN in life, the security problems are also highlighted. There are many attacks against WLAN, and the phishing attack of wireless access point (AP) is one of the serious security threats in wireless network. Wireless access point phishing attack refers to hackers using wireless devices to simulate a similar or identical pseudo-APs and configure them with the same performance indexes and attributes as the real AP, which makes the accessor unable to judge the truth and falsehood. Thus the false AP caused by the theft of passwords and other attacks. Phishing AP is called an illegal access point, not because it is not deployed by government agencies or operators, but because it is designed to steal secrets and cause damage. The phishing attack is hidden because the equipment and environment required to launch the attack are not high and the whole process of successful attack is very short. An attacker can easily launch a wireless DOS attack to block the normal connection or use a "middleman" attack to steal secrets and make use of the Wi-Fi automatic reconnection mechanism to fish the user. Intelligent terminals will choose to connect wireless hotspots in most scenarios where there are wireless hotspots, but the security and reliability of the wireless hotspots can not be judged and recognized effectively. Once the wireless hotspot of malicious phishing is accessed, it may lead to data leakage or important information disclosure in the terminal, which will bring great threat to the information security of users. Aiming at the problem of false hot spot and phishing hot spot stealing user information, most of the main mobile terminal detection methods stay at the stage of the name of hot spot and the encryption attribute of hot spot, which is called feature fingerprint detection. This detection method is less practical and is easy to be cracked by attackers. In order to ensure the security of wireless access, it is necessary to make reference to wireless security environment according to the characteristic attributes of wireless hot spots. In this paper, an active detection technique based on active detection for mobile terminal devices is designed. It can be detected by four characteristic fingerprints according to IP address of SSIDN MAC address and encryption method of wireless AP. Then, according to the different characteristics of private Wi-Fi and operator public Wi-Fi, different active detection schemes can be designed, which can make the detection of phishing attacks more accurate, and make people more comfortable to enjoy the convenience brought by wireless network. To sum up, the research of wireless security detection technology in the terminal should have a broad application prospect and great practical research value.
【學(xué)位授予單位】：西安工業(yè)大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2016
【分類號】：TN915.08;TN925.93
，

本文編號：2181934