A Lightweight Solution for Defending Against Deauthentication/Disassociation Attacks on 802.11 Networks

Nguyen, Tuan-Duc; Nguyen, Dinh Thanh; Tran, B.N.; Vu, Hai; Mittal, Neeraj

doi:10.1109/icccn.2008.ecp.51

Cited by 26 publications

(19 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Second, a legitimate wireless station may be marked as an attacker simply because it sends two or more frames, as some devices are designed to send more than one frame to leave a WLAN. Nguyen et al [91] suggested that the AP and WLAN users employ a secret key to authenticate the deauthentication frames. However, this technique would require the firmware of the drivers and devices to be modified.…”

Section: Deauthentication/disassociation Countermeasuresmentioning

confidence: 99%

Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions

Alotaibi

Elleithy

2016

Wireless Pers Commun

View full text Add to dashboard Cite

Wireless Local Area Networks (WLANs) are increasingly integrated into our daily lives. Access Points (APs) are an integral part of the WLAN infrastructure, as they are responsible for coordinating wireless users and connecting them to the wired side of the network and, eventually, to the Internet. APs are deployed everywhere, from airports and shopping malls to coffee shops and hospitals, to provide Internet connectivity. One of the most serious security problems encountered by WLAN users is the existence of Rogue Access Points (RAPs). This article classifies existing solutions, identifies vulnerabilities, and suggests future directions for research into these RAPs. The ultimate objective is to classify existing detection techniques and find new RAP types that have not been classified by the research community. The literature typically categorizes Evil-twin, Unauthorized, Compromised, and Improperly Configured RAPs. Two other types have largely been abandoned by researchers, but can be classified as Denial of Service RAP attacks. These are deauthentication/disassociation attacks targeting wireless users, and the forging of the first message in a four-way handshake.

show abstract

Section: Deauthentication/disassociation Countermeasuresmentioning

confidence: 99%

Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions

Alotaibi

Elleithy

2016

Wireless Pers Commun

View full text Add to dashboard Cite

show abstract

“…Upgrading all millions of Wi-Fi devices to support the 802.11w is a difficult task. • Nguyen et al [16] have proposed a Letter-envelop protocol to prevent the de-authentication DoS attack . In their approach the client and AP share a secret key which is used for authenticating the de-authentication frame and Dis-association frames.…”

Section: Related Work and Motivationmentioning

confidence: 99%

Detection of De-authentication Denial of Service attack in 802.11 networks

Agarwal

Biswas

Nandi

2013

2013 Annual IEEE India Conference (INDICON)

View full text Add to dashboard Cite

Wi-Fi networks are prone to a large number of Denial of Service (DoS) attacks due to vulnerabilities at the MAC layer of 802.11 protocol. In this paper we focus on the De-authentication DoS attack in Wi-Fi networks. The impact of de-authentication DoS attack is severe as the victim gets disconnected from the network. This attack can be launched easily using minimal resources. In this paper we propose an Intrusion Detection System (IDS) along with Intrusion Prevention System (IPS) that not only detects the de-authentication DoS attack in a Wi-Fi network but also helps the victim station (STA) in recovering swiftly from the attack. Our proposed IDS is lightweight and detects the attack with high accuracy & low false positive rate. Our technique can be easily deployed on open as well as encrypted networks.

show abstract

“…A lightweight authentication solution for dissociation DoS attacks, based upon Letter‐Envelop Protocol, is proposed by Nguyen . The STA during association phase generates two strong random numbers (say p, q) and then computes N = p * q.…”

Section: Protection Against Dos Attacksmentioning

confidence: 99%

“…There are few solutions (Category V, Table ) that are proposed, keeping in view the DoS threat caused using deauthentication/disassociation frames. The secure wireless scheme is similar to other spoof‐reducing schemes of Category I. Letter‐Envelop Protocol is a small but effective scheme to protect against deauthentication/disassociation DoS attacks. Here, the computation time is required to calculate the prime numbers, and the frame is modified to accommodate the prime numbers.…”

Section: Comparison Of Dos Solutions In Ieee 80211imentioning

confidence: 99%

On the IEEE 802.11i security: a denial‐of‐service perspective

Singh

Sharma

2014

Security Comm Networks

View full text Add to dashboard Cite

The IEEE 802.11i standard provides authentication and security at the Medium Access Control layer in wireless local area networks (WLANs). It involves an authentication process followed by a four‐way handshake to evolve a key for securing data sessions. The standard suffers under denial‐of‐service (DoS) attacks. These attacks often block the ongoing communication process and deprive services to the legitimate users. These are easy to conduct while maintaining anonymity of the attackers. It hence becomes imperative to learn about the attacks and their solutions in IEEE 802.11i‐protected WLANs so that future research proposals and solutions to mitigate the attack may develop. The paper presents a review of DoS attacks and existing solutions pertaining to the IEEE 802.11i security standard. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

A Lightweight Solution for Defending Against Deauthentication/Disassociation Attacks on 802.11 Networks

Abstract: In this paper we investigate a special type of denial of service (DoS)

Cited by 26 publications

References 7 publications

Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions

Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions

Detection of De-authentication Denial of Service attack in 802.11 networks

On the IEEE 802.11i security: a denial‐of‐service perspective

Contact Info

Product

Resources

About