Feedback

Faculté des Sciences appliquées
Faculté des Sciences appliquées
MASTER THESIS

SnapDesk and beacon-sniffer: A System for Real-Time Beacon Frame Monitoring Using a Managed Mode Interface

Download
Pagano, Florian ULiège
Promotor(s) : Donnet, Benoît ULiège
Date of defense : 30-Jun-2025/1-Jul-2025 • Permalink : http://hdl.handle.net/2268.2/23188
Details
Title : SnapDesk and beacon-sniffer: A System for Real-Time Beacon Frame Monitoring Using a Managed Mode Interface
Author : Pagano, Florian ULiège
Date of defense  : 30-Jun-2025/1-Jul-2025
Advisor(s) : Donnet, Benoît ULiège
Committee's member(s) : Debatty, Thibault 
Leduc, Guy ULiège
Mathy, Laurent ULiège
Language : English
Keywords : [en] Wi-Fi
[en] Evil Twin Attack
[en] Device Driver
[en] Frame Capture
Discipline(s) : Engineering, computing & technology > Civil engineering
Target public : Researchers
Professionals of domain
Student
General public
Institution(s) : Université de Liège, Liège, Belgique
Cylab, Bruxelles, Belgique
Degree: Master : ingénieur civil en informatique, à finalité spécialisée en "computer systems security"
Faculty: Master thesis of the Faculté des Sciences appliquées

Abstract

[en] Client-server communication is increasingly critical in our interconnected world, making the integrity of wireless networks essential. Malicious actors can exploit vulnerabilities in Wi-Fi infrastructure through attacks such as Evil Twin Attacks, where rogue access points impersonate legitimate ones to intercept user data. A tool called Snappy attempts to address this threat by identifying nearby access points, but it suffers from several usability and reliability limitations.

This thesis proposes a more user-friendly and effective approach, building upon Snappy's core logic. It introduces two main components: a custom Linux kernel module called beacon-sniffer, and a Debian-based user-space application named SnapDesk. The beacon-sniffer module is injected into an existing Wi-Fi driver and captures beacon frames using a Wi-Fi interface in managed mode, eliminating the need for monitor mode or specialized hardware. The captured data is sent to SnapDesk, which analyzes the frames, stores relevant information in a database, and notifies the user when new or suspicious access points are detected.

Together, these components form an accessible and efficient platform for Evil Twin detection, improving on existing solutions by reducing complexity and enabling real-time alerts. This work lays the foundation for more robust and user-oriented wireless threat detection systems.

SnapDesk and beacon-sniffer can be found in the following github repository: https://github.com/Flopag/SnapDesk


File(s)

Document(s)

File
Access SnapDesk.pdf
Description:
Size: 13.72 MB
Format: Adobe PDF

Annexe(s)

File
Access attachments.zip
Description: Contains: the Improved version of Snappy, labs, beacon-sniffer, and SnapDesk
Size: 3.8 MB
Format: Unknown

Author

  • Pagano, Florian ULiège Université de Liège > Master ing. civ. inf. fin. spéc. comp. syst. secur

Promotor(s)

Committee's member(s)

  • Debatty, Thibault
  • Leduc, Guy ULiège Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques
    ORBi View his publications on ORBi
  • Mathy, Laurent ULiège Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Systèmes informatiques répartis et sécurité
    ORBi View his publications on ORBi








All documents available on MatheO are protected by copyright and subject to the usual rules for fair use.
The University of Liège does not guarantee the scientific quality of these students' works or the accuracy of all the information they contain.