Analysis of Deauthentication Attack on IEEE 802.11 Connectivity Based on IoT Technology Using External Penetration Test

Kristiyanto, Yogi; Ernastuti, Ernastuti

doi:10.21512/commit.v14i1.6337

Cited by 22 publications

(14 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…A type of management frames called the deauthentication frame is used to instruct a station to drop its network connection [ 40 ]. Usually, the station will automatically attempt to reconnect, which initiates a new handshake process.…”

Section: Background and Related Workmentioning

confidence: 99%

“…This constitutes a serious concern because in the IEEE 802.11i standard, which WPA2 is based on, the stations do not authenticate or encrypt management and control frames [ 35 ]. The frames are sent in plain-text, meaning that an adversary can forge a deauthentication frame that appears to be from an AP in order to kill the connection to a client [ 40 ]. The adversary can then capture the handshake process upon reconnection or continue to send the deauthentication frames.…”

Section: Background and Related Workmentioning

confidence: 99%

“…Hossain et al presented and discussed various security issues and challenges in the IOT, including WLAN connectivity [ 17 ]. In 2020, Kristiyanto et al analyzed a deauthentication attack on a Wi-Fi connected IoT camera [ 40 ] equivalent to the DOS attack presented in Section 5.1 . Verma et al demonstrated several serious security risks for IoT devices on connected to IEEE 802.11ah WLAN networks [ 61 ].…”

Section: Background and Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Automatic Verification and Execution of Cyber Attack on IoT Devices

Færøy

Yamin

Shukla

et al. 2023

Sensors

View full text Add to dashboard Cite

Internet of Things (IoT) devices are becoming a part of our daily life; from health monitors to critical infrastructure, they are used everywhere. This makes them ideal targets for malicious actors to exploit for nefarious purposes. Recent attacks like the Mirai botnet are just examples in which default credentials were used to exploit thousands of devices. This raises major concerns about IoT device security. In this work, we aimed to investigate security of IoT devices through performing automatic penetration test on IoT devices. A penetration test is a way of detecting security problems, but manually testing billions of IoT devices is infeasible. This work has therefore examined autonomous penetration testing on IoT devices. In recent studies, automated attack execution models were developed for modeling automated attacks in cyber ranges. We have (1) investigated how such models can be applied for performing autonomous IoT penetration testing. Furthermore, we have (2) investigated if some well known and severe Wi-Fi related vulnerabilities still exist in IoT devices. Through a case study, we have shown that the such models can be used to model and design autonomous penetration testing agents for IoT devices. In addition, we have demonstrated that well-known vulnerabilities are present in deployed and currently sold products used in IoT devices, and that they can be both autonomously revealed through our developed system.

show abstract

Section: Background and Related Workmentioning

confidence: 99%

Section: Background and Related Workmentioning

confidence: 99%

Section: Background and Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Automatic Verification and Execution of Cyber Attack on IoT Devices

Færøy

Yamin

Shukla

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…A scenario is created and simulated for a deauthentication attack on a device with WiFi connectivity. The goal of the attack is to record all activities when the attack occurs using tools [21].…”

Section: Cyber Attacks Against Medical Devicesmentioning

confidence: 99%

A Survey on Security Attacks with Remote Ground Robots

Özdol¹,

Köseler²,

Alçiçek³

et al. 2021

El-Cezeri Fen Ve Mühendislik Dergisi

View full text Add to dashboard Cite

Contemporary healthcare systems contain diverse computing devices that construct very complex systems to manage patients' data more efficiently. Connected computing devices, such as the Internet of Things (IoT) that may have limited processing powers, have contributed more than ever with the advent of wearable body area networks (WBAN). These devices are connected to other medical devices to share sensitive health data with corresponding entities like hospitals, research institutions, and insurance companies. Since health data are very sensitive, they should be always available to authorized entities and unavailable to other entities. Moreover, COVID-19 pandemic has added additional value to health data which case increases cyber-attacks on (Electronic health) E-health systems with different tools dramatically. In this paper, several cyber-attacks on Ehealth systems are explored. Particularly, we have focused on attacks to IoT based wearable health devices for body area networks. The paper contains the architecture of wearable health devices to show the potential attack surface. One of the main contributions of the paper is to present cyber-attacks on wearable e-health devices with ground robots. A tactical ground robot is portable devices that may be used to carry out several cyber-attacks on E-health systems. Moreover, the paper contains analyses of the attacks with ground robots.

show abstract

“…In [15], the authors researched and implemented a sce nario of a deauthentication attack, during which a legitimate client was disconnected from the AP, which made any data transfer impossible.…”

mentioning

confidence: 99%

Analysis of attacks in IEEE 802.11 networks at different levels of OSI model

Korolkov¹,

Kutsak²

2021

Nauk. visn. nat. hirn. univ.

View full text Add to dashboard Cite

Purpose. Analysis of the main types of vulnerabilities and definition of weaknesses in 802.11 wireless network security, identification of the causes of information loss or network failure as a result of attacks. Methodology. Research on attacks at different levels of the OSI network model. Findings. The main threats and attacks that are implemented at each level of the OSI network model, from the physical to the application level, are identified. 15 different attacks with a detailed description of the consequences of their implementation are considered. The correspondence between the levels of the OSI network model and peculiarities of the implementation of attacks is established. Originality. The principle of increasing the abstraction level was used to systematize attacks on WLAN. First, the known attacks are compared according to the levels of the OSI network model and the destructive consequences of their implementation are indicated; secondly, four types of attacks (reconnaissance, availability, spoofing, man-in-the-middle) are identified, and thirdly, attacks are divided into categories of passive and active ones. This approach makes it possible to get a more conceptual understanding of security issues in wireless networks. Practical value. The results obtained can be used to develop effective multi-level systems for detecting and preventing intrusions into WLAN.

show abstract

Analysis of Deauthentication Attack on IEEE 802.11 Connectivity Based on IoT Technology Using External Penetration Test

Cited by 22 publications

References 6 publications

Automatic Verification and Execution of Cyber Attack on IoT Devices

Automatic Verification and Execution of Cyber Attack on IoT Devices

A Survey on Security Attacks with Remote Ground Robots

Analysis of attacks in IEEE 802.11 networks at different levels of OSI model

Contact Info

Product

Resources

About