PEDR: A Novel Evil Twin Attack Detection Scheme Based on Phase Error Drift Range

In recent years, wireless local area networks (WLANs) have become one of the important ways to access the Internet. However, the openness of WLANs makes them vulnerable to the threat of the evil twin attack (ETA). Existing effective ETA detection solutions usually rely on physical fingerprints. Especially fingerprints made by information extracted from channel state information (CSI) are more reliable. However, demonstrated by our experiment, the fingerprint of the state-of-the-art ETA detection scheme, which is based on phase error extracted from CSI, is not stable enough, and it results in a large number of false negative results in some cases. In this paper, we present a novel ETA detection scheme, called PEDR, which uses range fingerprint extracted from CSI to identify the evil twin (ET). Inspired by the significant observation that the phase error will drift over time, the concept of drift range fingerprints is proposed and exploited to improve ETA detection accuracy in real-world attack scenarios. Range fingerprints are not affected by drift in phase error and can be uniquely identified. The proposed range fingerprint is implemented and extensive performance evaluation experiments are conducted in the large-scale experiment with 27 devices. The experimental results demonstrate that the detection rate of PEDR is close to 99% and the false negative data is only 1.11%. It is worth mentioning that PEDR is outstanding in the scenario with similar device fingerprints.