Sistema unificado de detecção e mitigação de ataques de Evil Twin em redes Wi-Fi industriais com IoT/IIoT

Abstract

The security of Wi-Fi networks in industrial environments has become a critical challenge in the context of digital transformation, especially with the widespread adoption of IoT and IIoT devices. The Evil Twin attack, characterized by fraudulent access points impersonating legitimate networks, poses a serious threat to the confidentiality, integrity, and availability of industrial systems. Traditional protocols such as WPA2-PSK prove insufficient in complex environments, leaving networks vulnerable to data interception and unplanned production downtime. This dissertation proposes a Unified Detection and Mitigation System (UDMS), integrating robust RADIUS-based authentication (IEEE 802.1X), continuous monitoring through the Snort intrusion detection system, and centralized access management via Active Directory. The methodology involved progressive implementation across five experimental scenarios with controlled attack simulations. Results showed a reduction in attack success rate from 87% to less than 10%, maintaining latency below 400 ms and achieving high accuracy with low false positive and false negative rates. The study concludes that the integrated approach outperforms conventional solutions, providing effective and viable protection for industrial Wi-Fi networks.