摘要
移动互联网的快速发展和Wi Fi网络的日益普及,促使人们习惯通过各种Wi Fi热点接入因特网。然而,公众Wi Fi热点在提供便利的同时,也增大了网络安全风险。无线信号固有的辐射性、空间信道的开放性,以及公众无线热点本身的不可信等安全隐患,使得无线接入面临严重的安全问题。文章简单介绍了Wi Fi接入模型,并结合使用Wireshark等软件进行的实验,针对公众Wi Fi热点本身存在的不可信等问题,分别从数据内容、报文首部、域名系统以及个人隐私等方面,分析了公共环境下无线接入可能造成的网页内容推送时账户和密码明文传输泄露、用户使用浏览器时浏览行为轨迹泄露、网页数据内容被篡改、域名欺骗以及用户个人隐私暴露等安全问题,目的也是提高公众对无线接入的安全意识。
With the rapid development of mobile internet and the rising popularity of Wi Fi network, people are used to access the Internet through a variety of Wi Fi hotspots. However, the public Wi Fi hotpots not only provide conveniences, but also increase the network security risks. The wireless access is faced with serious problems, considering the radiation of the wireless signals, the openness of the space channels and the incredible public wireless hotpots. The paper briefl y introduces the Wi Fi access model and for the incredible issues of the public Wi Fi hotpots, analyzes the possible security problems from the aspects of content of data, the message header, the domain system and the personal privacy with the experiments that used Wireshark and other software. These problems include the leakage of accounts and passwords when Web contents are pushed in Plaintext, the leakage of behavior trajectories when users use the browsers, the tampering with the Web contents, domain name deception and the leakage of users' personal privacies. The paper studies these problems in order to enhance the public security awareness of wireless access.
出处
《信息网络安全》
2016年第4期69-75,共7页
Netinfo Security
基金
国家自然科学基金海峡联合基金重点项目[U1405255]
福建省工业科技重点项目[2014H0018]
福州科技计划项目[2015-G-51]
关键词
公众Wi
FI
信息泄露
协议报文
域名欺骗
位置隐私
public Wi Fi
information leakage
protocol packet
domain hijacking
location privacy
