2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

Detection and Analysis of Flipper Zero

Deauthentication Signals using HackRF One
Software-defined radio
2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT) | 979-8-3315-3313-7/24/$31.00 ©2024 IEEE | DOI: 10.1109/3ICT64318.2024.10824254

Leonel Calderon Geoffrey T. Salvador

College of Engineering College of Engineering
Polytechnic University of the Polytechnic University of the
Philippines Philippines
[email protected] [email protected]

Abstract— Deauthentication attacks remain a significant mitigating deauthentication attacks launched using the
threat to wireless network security. This study investigates the Flipper Zero and similar portable hacking devices.
characteristics of deauthentication signals generated by a
Flipper Zero device as captured by a HackRF One Software-
defined radio (SDR). By analyzing signal parameters such as
II. EXPERIMENTAL SET UP
power levels, frequency bands, and modulation techniques,
distinct features differentiating deauthentication attacks from A. Main Devices
legitimate network traffic are identified. Results indicate that Flipper Zero is a multi-purpose hacking tool designed
deauthentication attacks introduce notable power level spikes, for interacting with various protocols like RFID, NFC, and
increasing from approximately -80 dBm to -30 dBm at a infrared [5] as shown on Figure 1. It can also be used for
distance of one meter. The deauthentication signal typically debugging and flashing firmware. It does not come
occupies a 6 MHz bandwidth centered around 2.422 GHz.
equipped with integrated Wi-Fi functionality.
Signal strength decreases to -35 dBm and -40 dBm at distances
of five and ten meters, respectively. These findings complement
existing packet-based detection methods by providing
additional insights into deauthentication attack characteristics,
enabling the development of more robust detection systems
through the integration of waveform analysis and advanced
signal processing techniques.

Keywords—flipper-zero, deauthentication, software-define

radio, wireless, network, access point

I. INTRODUCTION
Wireless networks have become an integral part of
modern infrastructure, supporting a vast array of critical
applications. Wi-Fi technology has evolved over the years,
enabling high-speed wireless communication and
connectivity for a wide range of consumer devices such as
smartphones, tablets, laptops, smart TVs, and IoT devices
[1]. However, their reliance on open radio channels
introduces inherent vulnerabilities to security breaches. Fig. 1. Inside a Flipper Zero [5]
Deauthentication attacks, where malicious actors employ
deauthorization packets to disrupt legitimate user
However, the Wi-Fi Dev Board, an add-on module
connections, pose a significant threat to network stability [2].
utilizing the ESP32-S2 chip, significantly enhances the
The Flipper Zero, a compact device equipped with a Flipper Zero by providing wireless capabilities. This
radio transceiver and various interfaces by Flipper Devices expansion allows for features such as wireless firmware
Inc, has emerged as a concern due to its potential for misuse updates for the Flipper Zero itself and advanced in-circuit
in Wi-Fi network attacks. While offering legitimate debugging via Wi-Fi [6]. The Developer Board is equipped
functionalities like Radio-frequency identification (RFID) with an ESP32-S2-WROVER module, which includes built-
and Near-field communication (NFC) interaction [3], add-on in Wi-Fi capabilities. It also offers GPIO pins for easy
boards and modified firmware can transform it into a tool for connectivity to various targets. Additionally, the Developer
launching denial-of-service assaults. By flooding access Board features a USB Type-C connector for data transfer
points with deauthorization packets, the Flipper Zero disrupts
and power supply. For user interaction, the Developer Board
active user connections, hindering network operations [4].
has tactile switches. Figure 2 illustrates the development
This paper presents an investigation into the technical board connected to the Flipper Zero.
aspects of the Flipper Zero, focusing on its deauthentication
attack capabilities. This study leverage the HackRF On SDR
of Great Scott Gadgets for detection and analysis of deauth
signals generated by the Flipper Zero. The captured
information from these signals serves as the foundation for
developing a system or device capable of identifying and

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
979-8-3315-3313-7/24/$31.00 ©2024 IEEE 798
 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

Deauthentication attack is tested using a test network

with the EG8145X6-10 as the main access point. The
EG8145X6-10 is an optical network terminal (ONT)
designed for fiber-to-the-home (FTTH) networks. It
typically supports Gigabit Passive Optical Network (GPON)
technology, providing high-speed internet, voice, and video
services over a single fiber optic connection.

B. Software
The HackRF Spectrum Analyzer is a specialized
software tool designed for utilizing the HackRF One as its
waveform analyzer, particularly useful in the detection and
Fig. 2. Wi-Fi Developer Board connected to Flipper Zero [6] analysis of signals such as those generated by the Flipper
Zero tool. It features automatic restart of hackrf_sweep with
The HackRF One with Portapack H2 is a versatile
any settings changes, easy retuning, peak/persistent display,
SDR platform designed for a wide range of wireless
frequency allocation bands, a high-resolution waterfall plot
communication applications. The HackRF One covers a
and a spur filter to remove artifacts from the spectrum.
frequency range of 1 MHz to 6 GHz and supports half-
duplex operation, enabling both the transmission and
Cubic SDR is also used as the main software tool. It is a
reception of signals. It can operate as a USB peripheral or
versatile cross-platform SDR application designed for real-
programmed for stand-alone operation, making it highly
time signal processing and analysis. Utilizing libraries such
adaptable for various uses such as spectrum analysis, signal
as liquid-digital signal processing and Soapy SDR, Cubic
identification, and radio communication experimentation.
SDR supports a wide range of hardware. CubicSDR
Figure 3 shows the actual image of the HackRF One with
provides a robust platform to capture, visualize, and decode
the Portapack H2 module attached, highlighting its compact
signals, including the detection and analysis of
design and user-friendly interface.
deauthentication signals.

C. Firmware
Xtreme Firmware (XFW) for Flipper Zero enhances the
device with additional features, improving its capabilities
for various tasks, including Wi-Fi related attacks. When
installed on Flipper Zero, this firmware enables users to
execute and analyze Wi-Fi deauthentication signals with
greater efficiency, making it an invaluable tool for the
examination of wireless security threats and vulnerabilities.

The Marauder firmware for Wi-Fi development boards

is a highly versatile and powerful suite that equips users
with a range of both offensive and defensive tools tailored
for network security tasks. Developed specifically for these
platforms, it offers robust capabilities such as scanning for
available Wi-Fi networks, monitoring network traffic, and
launching targeted attacks like deauthentication, packet
injection, and handshake capturing. This firmware is not
only used for offensive security testing and network
penetration but also for defensive purposes, allowing users
to assess vulnerabilities and strengthen the security strength
of Wi-Fi environments.
Fig. 3. HackRF One Portapack H2 [7]

The HackRF One Porta Pack H2 Mayhem firmware is

Tests were conducted using a dual-band Wi-Fi an enhanced version of the Havoc firmware, which itself
antenna that operates across frequencies of 2.4 GHz (2400- was an extension of the original Porta Pack firmware. This
2485 MHz) and 5GHz/5.8 GHz (5150-5850 MHz) with a 3 firmware enables extensive Software-defined radio (SDR)
dBi gain. Featuring an RP-SMA male connector, these functionality, such as signal analysis and transmission
antennas are compatible with a wide range of devices, capabilities.
including wireless network routers, Wi-Fi USB adapters,
desktop PC wireless network cards, IP security cameras, and
various video surveillance systems.

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
799
 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

D. Test Set up HackRF One was connected to the computer serially.

HackRF mode was selected, followed by the hackrf_sweep
on the spectrum analyzer. 2.4 GHz as Start and 2.45 GHz as
end frequencies were set, and the sweep was initiated. The
Flipper Zero was placed within one meter of the HackRF
One. Waveforms were captured over at least 25 trials, and
measurements of lower, upper, and center frequency, as well
as dB power levels, were tabulated. The procedure was
repeated with the Flipper Zero placed five meters away from
the SDR. The procedure was repeated again with the Flipper
Zero placed ten meters away from the SDR.

III. RESULTS AND DISCUSSION

This section presents the results of an experimental
analysis of deauthentication attacks, focusing on power level
Fig. 4. Block Diagram of the Test Set up
variations and signal characteristics. The discussion
highlights the implications of these findings for the detection
Figure 4 illustrates the block diagram of the test setup, and mitigation of such attacks.
where the Wi-Fi Development Board is connected to Flipper
Zero. In this setup, the HackRF One sweeps the 2.4 to 2.45 A. Power Level Spikes at Close Proximity
GHz frequency band to receive signals, which are then The experimental analysis reveals that deauthentication
transmitted serially to a computer. The computer is attacks introduce significant power level spikes. At a
equipped with HackRF Spectrum Analyzer software, proximity of one meter, the power levels increase
enabling detailed analysis dramatically from approximately -80 dBm to -30 dBm. The
deauthentication signal typically occupies a bandwidth of 6
MHz, centered around 2.422 GHz. Data were tabulated as
shown on Table I.

TABLE I. DEAUTHENTICATION SIGNAL DATA CAPTURED WITHIN 1

METER

Deauthentication Signal within 1 meter

No Average Peak
Lower Frequency Upper Frequency
Power Level
1 -28 dBm 2.4149 GHz 2.430 GHz

2 -33 dBm 2.415 GHz 2.432 GHz

3 -35 dBm 2.4152 GHz 2.4315 GHz

4 -26 dBm 2.4147 GHz 2.4305 GHz

5 -30 dBm 2.4151 GHz 2.4318 GHz

6 -31 dBm 2.4148 GHz 2.4302 GHz

Fig. 5. Actual Image of the Test Set up
7 -25 dBm 2.4153 GHz 2.4317 GHz
. The Wi-Fi Development Board, connected to the 8 -31 dBm 2.415 GHz 2.4306 GHz
Flipper Zero, facilitates the generation of Wi-Fi
9 -33 dBm 2.4149 GHz 2.4319 GHz
deauthentication signals, while the HackRF One captures
these signals for analysis. The actual set up is shown in 10 -29 dBm 2.4152 GHz 2.4308 GHz
Figure 5. -34 dBm 2.4148 GHz 2.4321 GHz
11
PROCEDURE 12 -37 dBm 2.4151 GHz 2.4316 GHz
Firmware was installed on the Flipper Zero, Wi-Fi 13 -28 dBm 2.415 GHz 2.431 GHz
Development Board, and HackRF One. The HackRF
-31 dBm 2.4149 GHz 2.4315 GHz
Spectrum Analyzer and Q-Flipper software were installed on 14
a computer. A test network was set up using the EG8145X6- 15 -31 dBm 2.4153 GHz 2.4304 GHz
10, and surrounding networks were scanned to select the test
-32 dBm 2.415 GHz 2.4312 GHz
network. A deauthentication attack was launched using the 16
Flipper Zero. The deauthentication signal was immediately 17 -30 dBm 2.4148 GHz 2.4309 GHz
captured within a few seconds by the SDR. However, to
-29 dBm 2.4151 GHz 2.4317 GHz
ensure the capture of a stable signal image and account for 18
any fluctuations, the attack was set to run for an average of 5 19 -26 dBm 2.4149 GHz 2.431 GHz
minutes during each trial.
20 -30 dBm 2.4152 GHz 2.4314 GHz

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
800
 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

21 -32 dBm 2.4147 GHz 2.4313 GHz Deauthentication Signal within 5 meters
No Average Peak
-30 dBm 2.415 GHz 2.4318 GHz Lower Frequency Upper Frequency
22 Power Level
9 -36 dBm 2.4150 GHz 2.4314 GHz
23 -28 dBm 2.4151 GHz 2.4306 GHz
10 -34 dBm 2.4147 GHz 2.4316 GHz
24 -31 dBm 2.4148 GHz 2.4315 GHz
11 -37 dBm 2.4149 GHz 2.4321 GHz
25 -30 dBm 2.4152 GHz 2.4317 GHz
12 -35 dBm 2.4151 GHz 2.4313 GHz

13 -36 dBm 2.4152 GHz 2.4308 GHz

Sample waveforms captured during the experiments are
shown in the following figures. Figure 6 displays the 14 -34 dBm 2.4146 GHz 2.4311 GHz
waveform with the cursor measurement positioned at the -37 dBm 2.4150 GHz 2.4317 GHz
center of the deauthentication signal. 15

16 -35 dBm 2.4148 GHz 2.4309 GHz

17 -36 dBm 2.4153 GHz 2.4312 GHz

18 -34 dBm 2.4147 GHz 2.4315 GHz

19 -37 dBm 2.4151 GHz 2.4306 GHz

20 -35 dBm 2.4149 GHz 2.4319 GHz

21 -36 dBm 2.4150 GHz 2.4307 GHz

22 -34 dBm 2.4146 GHz 2.4310 GHz

23 -37 dBm 2.4152 GHz 2.4318 GHz

24 -35 dBm 2.4149 GHz 2.4314 GHz

25 -36 dBm 2.4147 GHz 2.4305 GHz

Fig. 6. Deauthentication signal captured within 1 meter (b)

Figure 7 shows the sample of captured

B. Signal Strength Decrease with Distance deauthentication signals when flipper zero is place 5 meters
away from the SDR.
As the distance from the source of the attack
increases, a corresponding decrease in signal strength is
observed. At a distance of five meters, the signal strength
reduces to -35 dBm, and at ten meters, it further decreases to
-40 dBm. These measurements highlight the rapid
attenuation of the attack signal with distance, providing
crucial data for understanding the spatial impact of
deauthentication attacks.

Table II presents the tabulated data captured when the

Flipper Zero device is positioned within 5 meters of the
SDR. The average peak power level observed is
approximately -35 dBm, with the signal frequencies ranging
from 2.41 GHz to 2.43 GHz

TABLE II. DEAUTHENTICATION SIGNAL DATA CAPTURED WITHIN 5 Fig. 7. Deauthentication signal captured within 5 meters
METERS

Deauthentication Signal within 5 meters

Table III presents the data captured when the Flipper
No Average Peak
Zero device is positioned within 10 meters of the SDR. The
Lower Frequency Upper Frequency average peak power level observed is approximately -40
Power Level
1 -35 dBm 2.4147 GHz 2.4303 GHz dBm, with the signal frequencies ranging from 2.41 GHz to
2.43 GHz.
2 -36 dBm 2.4151 GHz 2.4322 GHz

3 -34 dBm 2.4149 GHz 2.4317 GHz

TABLE III. DEAUTHENTICATION SIGNAL DATA CAPTURED WITHIN 10
METERS
4 -37 dBm 2.4146 GHz 2.4306 GHz

5 -35 dBm 2.4153 GHz 2.4315 GHz Deauthentication Signal within 10 meters
No Average Peak
-36 dBm 2.4145 GHz 2.4304 GHz Lower Frequency Upper Frequency
6 Power Level

7 -33 dBm 2.4152 GHz 2.4318 GHz 1 -40 dBm 2.4145 GHz 2.4302 GHz

8 -35 dBm 2.4148 GHz 2.4307 GHz 2 -41 dBm 2.4153 GHz 2.4325 GHz

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
801
 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

3 -39 dBm 2.4147 GHz 2.4318 GHz

The captured deauthentication signal, as shown in Figure
9, was recorded using a SDR set to I/Q modulation. The
4 -42 dBm 2.4146 GHz 2.4307 GHz spectrum display indicates a significant signal spike at
5 -40 dBm 2.4152 GHz 2.4319 GHz
approximately 2.422 GHz. The waterfall display clearly
shows a continuous red band at this frequency, indicating the
6 -41 dBm 2.4144 GHz 2.4306 GHz persistent nature of the deauthentication packets.
7 -38 dBm 2.4151 GHz 2.4320 GHz

8 -40 dBm 2.4148 GHz 2.4310 GHz

9 -41 dBm 2.4149 GHz 2.4317 GHz

10 -39 dBm 2.4150 GHz 2.4316 GHz

11 -42 dBm 2.4147 GHz 2.4323 GHz

12 -40 dBm 2.4152 GHz 2.4314 GHz

13 -41 dBm 2.4153 GHz 2.4309 GHz

14 -39 dBm 2.4145 GHz 2.4311 GHz

15 -42 dBm 2.4151 GHz 2.4318 GHz

16 -40 dBm 2.4148 GHz 2.4313 GHz

17 -41 dBm 2.4150 GHz 2.4315 GHz Fig. 9. Deauthentication signal captured using I/Q Modulation
18 -39 dBm 2.4146 GHz 2.4312 GHz
The signal strength decreases by 5 dBm with increasing
19 -42 dBm 2.4153 GHz 2.4308 GHz distance from 5 m to 10 m as show in figure 10 based on the
data collected.
20 -40 dBm 2.4149 GHz 2.4317 GHz

21 -41 dBm 2.4151 GHz 2.4307 GHz

22 -39 dBm 2.4147 GHz 2.4310 GHz

23 -42 dBm 2.4152 GHz 2.4321 GHz

24 -40 dBm 2.4148 GHz 2.4315 GHz

25 -41 dBm 2.4145 GHz 2.4309 GHz

Figure 8 shows the sample of captured deauthentication

signals when flipper zero is place 10 meters away from the
SDR.

Fig. 10. Distance between Flipper Zero and SDR vs signal strength

This is supported by inverse square law, where it states

that for a point source of waves that is capable of radiating
omnidirectionally and with no obstructions in the vicinity,
the intensity decreases with the square of the distance from
the source [14].

This means that when the distance from the source

doubles, the intensity (power per unit area) reduces to 1/4 of
the original intensity
Fig. 8. Deauthentication signal data captured within 10 meters In terms of dBm, a reduction in power to 1/4 of the original
value corresponds to a 6 dB decrease

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
802
 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

From the tabulated data: application to notify users in real time, providing actionable
insights and protection against wireless network threats.
At 5 meters distance the average strength is -35.4 dBm Further exploration of detection algorithms and the
At 10 meters distance the average strength is -40.4 dBm integration of advanced signal processing techniques will be
essential to the success of this system, paving the way for
more secure home networks in the future.

REFERENCES
Based on the formula it predicts that the signal intensity [1] Pahlavan, K., & Krishnamurthy, P. (2021). Evolution and Impact of
should drop by a factor of 4 when the distance doubles. This Wi Fi Technology and Applications: A Historical Perspective.
corresponds to a 6 dB reduction in signal strength, which is International Journal of Wireless Information Networks, 28(3), 3–19.
almost the same as the calculated data. [2] Gao, Y., Wu, T., & Zhang, X. (2018). A study on the security of
WLAN deauthentication attacks. Journal of Network Security, 25(3),
205-217.
CONCLUSION [3] Cass, S. (2023). A Hacker's Delight > You'll Either Love or Hate the
This study investigates the characteristics of Flipper Zero. IEEE Spectrum, 58(6), 10.1109/mspec.2023.10120663.
deauthentication attacks on wireless networks, with a [4] Lab401. (2023). Everything you always wanted to know about
deauthentication but were afraid to ask. Retrieved from
specific focus on power level variations and signal https://lab401.com/blogs/academy/deauth
properties. The problem addressed stems from the increasing
[5] "Flipper Zero Official Website," Flipper Devices Inc., [Online].
availability of portable devices online, which can be easily Available: https://flipperzero.one/.
acquired and used by novice hackers to launch [6] "Flipper Zero Documentation," Flipper Devices Inc., [Online].
deauthentication attacks. These attacks are often the first step Available: https://docs.flipper.net
in more advanced Wi-Fi attacks, as they disrupt the [7] "PortaPack H2 for HackRF," ShareBrained Technology, Inc.,
connection, enabling the capture of Wi-Fi packets or [Online]. Available: https://www.sharebrained.com/portapack/
handshakes. This is particularly concerning for home [8] Miyashiro, H., Medrano, M., Huarcaya, J., & Lezama, J. (2017,
networks, where WPA and WPA2 security protocols are still August 15-18). Software-defined radio for hands-on communication
common, leaving them vulnerable to password cracking and theory. 2017 IEEE XXIV International Conference on Electronics,
Electrical Engineering and Computing (INTERCON), pp. 1-8.
further intrusion, while the adoption of WPA3 remains
underutilized. [9] Martoyo, I., Setiasabda, P., Kanalebe, H. Y., Uranus, H. P., &
Pardede, M. (2018, December 10-11). Software-defined radio for
One significant issue is the bypassing of existing Education: Spectrum Analyzer, FM Receiver/Transmitter and GSM
Sniffer with HackRF One. 2018 2nd Borneo International Conference
promiscuous mode detection tools when used alongside other on Applied Mathematics and Engineering (BICAME)
hacking utilities. Therefore, new methods are needed to [10] Kristiyanto, Y., & Ernastuti, E. (2020). Analysis of deauthentication
detect deauthentication attacks by analyzing specific attack on IEEE 802.11 connectivity based on IoT technology using
parameters such as frequency range, interval, peak signal external penetration test. CommIT (Communication & Information
level, signal variation, and waveforms. These parameters are Technology) Journal, 14(1), 45-51.
crucial to developing a device capable of detecting [11] Kamani, C., Bhojani, D., Bhagyoday, R., Parmar, V., & Dave, D.
deauthentication attacks in real time and identifying the (2019). De-Authentication Attack on Wireless Network. International
Journal of Engineering and Advanced Technology (IJEAT), 8(3S),
attack visually through spectral analysis. ISSN: 2249-8958
Experimental results of this study shown considerable [12] Neal, Z., & Sha, K. (2023, July). Analysis of Evil Twin,
power level spikes from -80 dBm to -30 dBm at a distance of Deauthentication, and Disassociation Attacks on Wi-Fi Cameras
[Conference paper]. Presented at the IEEE International Conference
one meter, with a 6 MHz bandwidth centered at 2.422 GHz. on Communications, Computer Networks and Cybernetics (ICCCN),
As the distance increases, the signal strength drops to -35 DOI: 10.1109/ICCCN58024.2023.10230183
dBm at five meters and -40 dBm at ten meters. These [13] RTL-SDR.com Staff (2024, February 20). Tech Minds: Taking a look
findings emphasize the importance of close-range monitoring at the new HackRF Portapack Mayhem Version 2 Firmware
and strategic sensor placement for effective detection of such [14] RTL-SDR.com Staff (2023, December 29). Tech Minds: A Beginner's
attacks. The characteristic bandwidth of the deauthentication Guide to the HackRF and Portapack with Mayhem Firmware
signal provides a unique spectral signature, offering a [15] Gmacario. (2024). Readme.md. HackRF. Great Scott Gadgets.
reliable means of identification. By integrating waveform [16] Great Scott Gadgets. (2024). HackRF documentation. Read the Docs.
analysis and advanced signal processing techniques with [17] Voudoukis, N. and Oikonomidis, S. 2017. Inverse Square Law for
existing packet-based methods, more robust and effective Light and Radiation: A Unifying Educational Approach. European
detection systems can be developed, thereby improving the Journal of Engineering and Technology Research. 2, 11 (Nov. 2017),
23–27. DOI:https://doi.org/10.24018/ejeng.2017.2.11.517.
resilience of wireless networks against deauthentication
attacks. [18] Asaad, R. R. (2021). Penetration Testing: Wireless Network Attacks
Methods on Kali Linux OS. Academic Journal of Nawroz University
As a step forward, the author is currently developing a (AJNU), 10(1), 7. https://doi.org/10.25007/ajnu.v10n1a998
WLAN protection device aimed at safeguarding home [19] Carballal, A., Galego-Carro, J. P., Rodriguez Fernandez, N., &
networks from various types of attacks, including Fernandez-Lozano, C. (2022). Wi-Fi Handshake: Analysis of
Password Patterns in Wi-Fi Networks.
deauthentication attacks. One of the key requirements for this
[20] Fachri, M., & Rodiah, Dr. (2021). Analysis of Wi-Fi Password
device is the ability to detect and alert users to the presence Vulnerability against Reaver Attacks with Penetration Testing
of potential deauthentication attacks nearby, offering a Method. International Research Journal of Advanced Engineering and
critical layer of defense. The next phase of research will Science, 6(4), 35-38. ISSN (Online): 2455-9024.
focus on refining detection parameters such as signal [21] Hadi, T. H. (2021). Types of Attacks in Wireless Communication
strength, frequency range, and waveform characteristics. Networks. Journal of Wireless Communication and Networks, 19(1),
Additionally, the device will incorporate a mobile xx-xx. DOI: 10.14704/WEB/V19I1/WEB1905

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
803
 2024 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT)

[22] Harahap, B., Silalahi, J., Saragih, A., Pandia, R., Sitompul, D., & [26] Sewpaul, S., Sevalia, R., Ngo, J., & Musante, T. (2023). WARN: Wi-
Singarimbun, E. (2023, January 14). Wireless networking: How Wi- Fi Attack Recognizer and Notifier. DocuSign Envelope ID:
Fi works and the different types of wireless networks 8683DF84-92D8-4599-9CB2-F567789B8C6E. Retrieved from Santa
[23] Isah, A. A., Adamu, A., & Awa, A. (2022). A review of wireless Clara University Institutional Repository.
networks: WLAN security and threats. Advance Journal of Science, [27] Tavares de Sá, F. (Year of publication). Detection of De-
Engineering and Technology, 7(7), 1-16. authentication attack in IEEE 802.11 Networks: A Machine Learning
https://aspjournals.org/journals/ Strategy (MSc Research Project). National College of Ireland, School
[24] Nadeem, M., Zahra, S. W., Abbasi, M. N., Arshad, A., Riaz, S., & of Computing. Retrieved from
Ahmed, W. (2023). Phishing Attack, Its Detections and Prevention https://norma.ncirl.ie/6067/1/felipetavaresdesa.pdf
Techniques. International Journal of Wireless Security and Networks.
Retrieved from https://journals.stmjournals.com/ijwsn
[25] Salman Al-Nuaimi, M. A. ., & Abdu Ibrahim, A. . (2023). Analyzing
and Detecting the De-Authentication Attack by Creating an
Automated Scanner using Scapy. International Journal on Recent and
Innovation Trends in Computing and Communication, 11(2), 131–
137. https://doi.org/10.17762/ijritcc.v11i2.6137

Authorized licensed use limited to: Zhejiang University. Downloaded on July 22,2025 at 15:55:41 UTC from IEEE Xplore. Restrictions apply.
804