Analysis of Unauthorized Access Points Using Network Forensics Techniques

Felicia Paramita, Madeline Madeline, Olga Alvina, Rahel Esther Sentia, Ade Kurniawan

Abstract


Free access points are now available in many places. But this freedom comes at a price, and only a few users really understand the risk. In a recent survey, 70% of tablet owners and 53% of smartphone owners stated that they use public wifi hotspots. The biggest threat to public wifi security is a hacker positioning himself as an intermediary between victims and the Authorized Access Point (AAP). To do this, the hacker creates an Unauthorized Access Point (UAP, or Fake Access Point). This article takes the pen tester/attacker's point of view for educational purposes, so that users know the stages of a Fake Access Point attack carried out with Fluxion on Kali Linux. For the digital evidence analysis we used a customized OSCAR (Obtain information, Strategies, Collect Evidence, Analyze and Report) method, in which attacking is the stage of preparation, of determining which wifi Access Point will be the target, and of carrying out the attack, while analysis is the stage of analyzing the steps of the attack and how to distinguish an AAP from a UAP. Our results show that, after determining the target, the pen tester/attacker uses aircrack-ng in Fluxion to get a handshake, creates a fake web interface, and then launches a deauth all attack, also known as DoS, against the AAP so that the victim/client cannot connect to the AAP and switches to the Fake Access Point. The fake web interface then asks the victim to enter the password; once the password is found, the pen tester/attacker can see it through Fluxion. As a precautionary measure, the difference between a Fake Access Point and an Authorized Access Point is found in the presence or absence of the padlock symbol (Android) or an exclamation point (Windows 10).

Nowadays, free access points are available in many places. In reality, however, this freedom has a price, and only a few users truly understand the risk. The biggest threat to public wifi security is a hacker positioning himself as an intermediary between the victim and the Authorized Access Point. To do this, the hacker creates an Unauthorized Access Point (Fake Access Point). In this article the pen tester/attacker point of view is taken for educational purposes, so that users know the stages of a Fake Access Point attack using the Fluxion tool on the Kali Linux OS. The digital evidence analysis uses a customized OSCAR (Obtain Information, Strategies, Collect Evidence, Analyze and Report) method, in which attacking is the stage of preparing, determining the target wifi Access Point, and carrying out the attack. Analysis is the stage of analyzing the attack steps and how to distinguish an Authorized Access Point from an Unauthorized Access Point. The results of the research are that, after determining the target, the pen tester/attacker uses Aircrack-ng in Fluxion to obtain a handshake, creates a fake web interface, and then launches a Deauth all attack, known as DoS, against the AAP, so that the victim/client cannot connect and joins the Fake Access Point. The fake web interface then asks the victim to enter the password. Once the password is found, the pen tester/attacker can see it through Fluxion. As a precautionary measure, the difference between a Fake Access Point and an Authorized Access Point is found in the presence or absence of the padlock symbol (Android) or an exclamation point (Windows 10).
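A defender-side sketch of the two observations the abstract relies on: a burst of deauthentication frames against the AAP, and the same SSID reappearing without encryption, which is what the missing padlock indicates on the client. This is an added example, not code from the paper; the record layout, the sample data and the thresholds are assumptions.

```python
from collections import defaultdict

# Constructed sample data (not from the paper).
# Beacon observations: (ssid, bssid, encryption)
SCAN = [
    ("CampusWiFi", "aa:bb:cc:00:00:01", "WPA2"),
    ("CampusWiFi", "02:11:22:33:44:55", "OPEN"),   # same name, no encryption
    ("CoffeeShop", "aa:bb:cc:00:00:09", "OPEN"),   # open by design, no twin
    ("Library", "aa:bb:cc:00:00:0a", "WPA2"),
    ("Library", "aa:bb:cc:00:00:0b", "WPA2"),      # second legitimate AP
]
# Management frames: (timestamp_seconds, subtype, bssid)
FRAMES = [(10.0 + i * 0.05, "deauth", "aa:bb:cc:00:00:01") for i in range(40)]
FRAMES += [(3.0, "deauth", "aa:bb:cc:00:00:0a"), (4.0, "beacon", "aa:bb:cc:00:00:09")]

def mixed_security_ssids(scan):
    """SSIDs advertised both encrypted and open, with the BSSIDs of each kind."""
    by_ssid = defaultdict(lambda: {"enc": set(), "open": set()})
    for ssid, bssid, enc in scan:
        by_ssid[ssid]["open" if enc == "OPEN" else "enc"].add(bssid)
    return {s: v for s, v in by_ssid.items() if v["enc"] and v["open"]}

def deauth_bursts(frames, window=1.0, threshold=20):
    """BSSIDs with at least `threshold` deauth frames inside any sliding window."""
    times = defaultdict(list)
    for ts, subtype, bssid in frames:
        if subtype == "deauth":
            times[bssid].append(ts)
    flagged = set()
    for bssid, ts_list in times.items():
        ts_list.sort()
        start = 0
        for end, ts in enumerate(ts_list):
            while ts - ts_list[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(bssid)
                break
    return flagged

def suspected_fake_aps(scan, frames):
    """(ssid, open_bssid, severity); 'high' when the encrypted AP is also being deauthed."""
    bursts = deauth_bursts(frames)
    findings = []
    for ssid, v in sorted(mixed_security_ssids(scan).items()):
        severity = "high" if v["enc"] & bursts else "medium"
        findings.extend((ssid, b, severity) for b in sorted(v["open"]))
    return findings

if __name__ == "__main__":
    for finding in suspected_fake_aps(SCAN, FRAMES):
        print(finding)
```

A single stray deauth frame or an SSID that is open everywhere is not flagged; only the combination the abstract describes raises the severity to high.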


Keywords


Wireless Network, Access Point, Unauthorized Access Point, Fake Access Point attack, Fluxion


Copyright (c) 2020 Jurnal Telematika

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
