偽のWeb認証による評価用フィッシング環境の開発及び情報漏洩のリスクの検証

抄録

In public wireless LAN services such as free WiFi, the dangers of eavesdropping and tampering with communications have been pointed out. Evil Twin attack which is one of the problems utilizes a fake access point (AP) which has the same configuration as a genuine AP. This study develops a platform for evaluating Evil Twin attacks and investigates information leakage scenarios and thier countermeasures. The information leakage scenarios in the evaluation experiment are the theft of IDs and passwords when logging in via Web authentication and the list attack that attempts to log in to other services using the stolen ID and password pairs.