Table of Contents Author Guidelines Submit a Manuscript
Mobile Information Systems
Volume 2017 (2017), Article ID 1248578, 14 pages
Research Article

Exploiting Wireless Received Signal Strength Indicators to Detect Evil-Twin Attacks in Smart Homes

1School of Information Science and Technology, Northwest University, Xi’an, China
2School of Computing and Communications, Lancaster University, Lancaster, UK

Correspondence should be addressed to Dingyi Fang and Zheng Wang

Received 20 September 2016; Accepted 21 November 2016; Published 17 January 2017

Academic Editor: Qingchen Zhang

Copyright © 2017 Zhanyong Tang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


Evil-Twin is becoming a common attack in smart home environments where an attacker can set up a fake AP to compromise the security of the connected devices. To identify the fake APs, The current approaches of detecting Evil-Twin attacks all rely on information such as SSIDs, the MAC address of the genuine AP, or network traffic patterns. However, such information can be faked by the attacker, often leading to low detection rates and weak protection. This paper presents a novel Evil-Twin attack detection method based on the received signal strength indicator (RSSI). Our approach considers the RSSI as a fingerprint of APs and uses the fingerprint of the genuine AP to identify fake ones. We provide two schemes to detect a fake AP in two different scenarios where the genuine AP can be located at either a single or multiple locations in the property, by exploiting the multipath effect of the Wi-Fi signal. As a departure from prior work, our approach does not rely on any professional measurement devices. Experimental results show that our approach can successfully detect 90% of the fake APs, at the cost of a one-off, modest connection delay.