Abstract: A system for detecting a rogue access point (AP) may include: a user device configured to detect whether an accessed AP is a rogue AP with reference to a rogue AP database based on uniform resource locator (URL) access detection, and determine whether the accessed AP is a rogue AP by further using one or more information of secure sockets layer (SSL) certificate validity information of a predetermined server, electronic signature information of an accessed web page, and media access control (MAC) address collection information of an accessed gateway, if information of the accessed AP is not searched in the rogue AP database; and a detection server configured to share the rogue AP database with the user device. Using the system for detecting a rogue AP, it is possible to detect existence of a rogue AP having an unknown form through access detecting using a one-time URL, and detect address resolution protocol (ARP) spoofing attack.

Abstract: A system for detecting a rogue access point (AP) may include: a user device configured to detect whether an accessed AP is a rogue AP with reference to a rogue AP database based on uniform resource locator (URL) access detection, and determine whether the accessed AP is a rogue AP by further using one or more information of secure sockets layer (SSL) certificate validity information of a predetermined server, electronic signature information of an accessed web page, and media access control (MAC) address collection information of an accessed gateway, if information of the accessed AP is not searched in the rogue AP database; and a detection server configured to share the rogue AP database with the user device. Using the system for detecting a rogue AP, it is possible to detect existence of a rogue AP having an unknown form through access detecting using a one-time URL, and detect address resolution protocol (ARP) spoofing attack.