The present invention relates to wireless communications and more particularly, but not exclusively to wireless communications access security apparatuses and methods.
Today, criminals are keen to exploit a wireless access point (say a Wi-Fi access point, a cellular base access point, etc., as described in further detail hereinbelow) so they can maliciously steal sensitive information from or commit fraud on client devices in communication with such a malicious wireless access point.
For example, criminals may use their malicious access point to attack client devices (say smart cellular phones, tablet computers, etc., as described in further detail hereinbelow) that unaware of the malicious nature of the access point, connect with the malicious access point.
Some of the most common attacks on client devices employed now days by criminals are the so-called “phishing” and “man-in-the-middle” attacks.
A phishing attack typically involves an attempt to acquire sensitive information from users of client devices—say usernames, passwords, credit card details, etc., by masquerading as a legitimate access point in a communication network.
Such a legitimate access point may be, for example, a mobile telecommunications network's cellular base station, an open access Wi-Fi access point of a wireless local area network in a Cafe, etc.
Attackers may masquerade as the legitimate wireless access point using their own wireless access point (e.g. a malicious access point). The user of the client device is fooled into connecting his client device to the attacker's malicious wireless access point instead of the legitimate wireless access point. Consequently, the attackers may gain access to sensitive information on the user's client device.
A man-in-the-middle attack is a form of eavesdropping in which an attacker makes independent connections with a user's client device and acts as a relay between the client device and a legitimate entity, such as a wireless access point or even another client device over a communication network.
The attacker can then control or eavesdrop on the user's wireless communication session. In such attacks, the attacker has to intercept all messages into and out of the client device, and inject new false messages into the communication session.