SeQR: A User-Friendly and Secure-by-Design Configurator for Enterprise Wi-Fi

要旨

A classic problem in enterprise Wi-Fi is client-side misconfiguration, which enables credential theft via “Evil Twin” (ET) attacks. To mitigate this, we design, develop, and evaluate a new configurator, SeQR, which allows users to effortlessly and securely set up an enterprise Wi-Fi connection. Utilizing existing authenticated channels, SeQR fully automates the client-side enterprise Wi-Fi configuration process with a simple scan, leaving no room for misconfigurations. Specifically, SeQR thwarts ET by making it impossible for users to opt-out from the security-critical certificate validation. We evaluate the efficacy of SeQR on two fronts. First, we implement a prototype of SeQR in Android, and test its functionality and runtime performance. Next, we compare the usability of SeQR against two existing Wi-Fi configuration interfaces of Android in an in-person user study (n=41) with real devices. Our evaluation shows that SeQR achieves noticeable usability improvements over existing designs, and prevents users from misconfiguring.

著者
S Mahmudul Hasan
Syracuse University, Syracuse, New York, United States
Che Wei Tu
The Chinese University of Hong Kong, Hong Kong, Hong Kong
Endadul Hoque
Syracuse University, Syracuse, New York, United States
Omar Haider Chowdhury
Stony Brook University, Stony Brook, New York, United States
Sze Yiu Chau
The Chinese University of Hong Kong, Hong Kong, Hong Kong
DOI

10.1145/3706598.3714223

論文URL

https://dl.acm.org/doi/10.1145/3706598.3714223

動画

会議: CHI 2025

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2025.acm.org/)

セッション: CS Education and Security

G303
6 件の発表
2025-04-28 20:10:00
2025-04-28 21:40:00
日本語まとめ
読み込み中…