Doctoral Programme in Network and Information Technologies
09/07/2024

Author: Manesh Thankappan
Programme: Doctoral Programme in Network and Information Technologies
Language: English
Supervisors: Dr Helena Rifà Pous & Dr Carles Garrigues Olivella
Faculty / Institute: Doctoral School UOC
Subjects: Computer Science
Key words: wireless LAN, MC-MitM attack, KRACK, FragAttacks, intrusion detection

Area of knowledge: Network and Information Technologies

Link to the project

Summary

One of the advanced Man-in-the-Middle (MitM) attacks is the Multi-Channel MitM (MC-MitM) attack, which manipulates encrypted wireless frames between clients and the Access Point (AP) in a WLAN. Key reinstallation attacks (2019), FragAttacks (2021), and SSID confusion attacks (2024) have significantly impacted millions of Wi-Fi systems, especially IoT devices.This thesis evaluates MC-MitM attacks, categorizing them based on objectives and reviewing existing defense mechanisms, which often require impractical firmware modifications and advanced hardware. We propose a signature-based intrusion detection system for effective defense. In our research, we design lightweight signatures for quick identification of MC-MitM attacks. We introduce an intrusion detection system, a plug-and-play and passive monitoring system for detecting MC-MitM attacks. Our prototype, tested in a smart home network, achieved high detection accuracy. We further enhance our system with a distributed detection mechanism, significantly improving detection performance in smart home and IoT settings.