The presence of subverted or “rogue” network-side devices is a threat to data privacy. These rogue devices may masquerade as authorized access points, monitoring and routing received network traffic. Once a user connects to a rogue access point, the rogue device may execute a variety of attacks, such as man-in-the-middle attacks, domain name server (DNS) spoofing, traffic forwarding, and denial of service (DoS) attacks. Data packets received by a rogue device may be modified, re-routed to malicious third parties, or dropped entirely, thereby disrupting normal network traffic patterns and exposing data to unauthorized persons.
The ever-increasing number of access technologies that enable user equipment to connect to an access point results in a steadily increasing number of attack vectors presented by any given access point. The convergence of Wi-Fi and wireless wide area network (WWAN) further increases the volume and complexity of user connections. Other contributors to access point privacy exploits are peer-to-peer wireless, soft access points, and femto cells. These technologies enable dynamic network pathing accessible by a variety of access technologies, thereby increasing the difficulty experienced by individual user equipment in validating and verifying network routing integrity. Methods are needed for detecting rogue access points lying within a network access path, particularly those exercising man-in-the-middle attacks.