Wi-Fi Handshake: analysis of password patterns in Wi-Fi networks-Reference-Cited by-同舟云学术

Wi-Fi Handshake: analysis of password patterns in Wi-Fi networks

Published:2022-12-16 Issue: Volume:8 Page:e1185
ISSN:2376-5992
Container-title:PeerJ Computer Science
language:en
Short-container-title:

Author:

Carballal Adrian¹^ORCID,Galego-Carro J. Pablo²,Rodriguez-Fernandez Nereida³,Fernandez-Lozano Carlos¹^ORCID

Affiliation:

1. Department of Computer Science and Information Technologies, Faculty of Computer Science, CITIC-Research Center of Information and Communication Technologies, Universidade da Coruña, A Coruña, A Coruña, Spain

2. Computer Architecture Group, Faculty of Computer Science, Universidade da Coruña, A Coruña, Spain

3. Department of Computer Science and Information Technologies, Faculty of Communication Science, CITIC-Research Center of Information and Communication Technologies, Universidade da Coruña, A Coruña, Spain

Abstract

This article seeks to provide a snapshot of the security of Wi-Fi access points in the metropolitan area of A Coruña. First, we discuss the options for obtaining a tool that allows the collection and storage of auditable information from Wi-Fi networks, from location to signal strength, security protocol or the list of connected clients. Subsequently, an analysis is carried out aimed at identifying password patterns in Wi-Fi networks with WEP, WPA and WPA2 security protocols. For this purpose, a password recovery tool called Hashcat was used to execute dictionary or brute force attacks, among others, with various word collections. The coverage of the access points in which passwords were decrypted is displayed on a heat map that represents various levels of signal quality depending on the signal strength. From the handshakes obtained, and by means of brute force, we will try to crack as many passwords as possible in order to create a targeted and contextualized dictionary both by geographical location and by the nature of the owner of the access point. Finally, we will propose a contextualized grammar that minimizes the size of the dictionary with respect to the most used ones and unifies the decryption capacity of the combination of all of them.

Funder

General Directorate of Culture, Education and University Management of Xunta de Galicia

Galician Network for Colorectal Cancer Research

Competitive Reference Groups

Spanish Ministry of Economy and Competitiveness via funding of the unique installation BIOCAI

European Regional Development Funds

Publisher

PeerJ

Subject

General Computer Science

Link

https://peerj.com/articles/cs-1185.pdf

Reference43 articles.

1. Users are not the enemy;Adams;Communications of the ACM,1999

2. Infographic 20 years of Wi-Fi;Alliance,2019

3. Practical attacks against WEP and WPA;Beck;IACR Cryptology ePrint Archive,2008

4. The science of guessing: analyzing an anonymized corpus of 70 million passwords;Bonneau,2012

5. User behaviours associated with password security and management;Bryant;Australasian Journal of Information Systems,2006