Techniques are described herein for preventing Media Access Control (MAC) address spoofing attacks based on the two-step onboarding process for open Service Set Identifiers (SSIDs) due to Virtual Local Area Network (VLAN) override after the Internet Protocol (IP) address is learned. These techniques leverage Opportunistic Wireless Encryption (OWE) and an access token to provide a secure channel between the wireless network and the client.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Choukir, Amine; Muccifora, Roberto; Ficara, Domenico; Cuissard, Vincent; Trifilo, Antonio; and Valenza, Salvatore, "SECURE WIRELESS CLIENT ONBOARDING AND SEGMENTATION", Technical Disclosure Commons, (July 03, 2019)