Intercepting mobile communications: the insecurity of 802.11
Proceedings of the 7th annual international conference on Mobile computing and networking
DoS and authentication in wireless public access networks
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security
Real 802.11 Security: Wi-Fi Protected Access and 802.11i
Real 802.11 Security: Wi-Fi Protected Access and 802.11i
Analysis of a Denial of Service Attack on TCP
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
WLAN Security: Current and Future
IEEE Internet Computing
Weaknesses in the temporal key hash of WPA
ACM SIGMOBILE Mobile Computing and Communications Review
Analysis of the 802.11i 4-way handshake
Proceedings of the 3rd ACM workshop on Wireless security
Security issues in IEEE 802.11 wireless local area networks: a survey: Research Articles
Wireless Communications & Mobile Computing - Special Issue: Emerging WLAN Apllications and Technologies
802.11 denial-of-service attacks: real vulnerabilities and practical solutions
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Link-layer protection in 802.11i WLANS with dummy authentication
Proceedings of the second ACM conference on Wireless network security
4-way handshake solutions to avoid denial of service attack in ultra wideband networks
IITA'09 Proceedings of the 3rd international conference on Intelligent information technology application
ANonce encryption in 802.11i 4-way handshake protocol
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
| Hi-index | 0.00 |
This paper focuses on WPA and IEEE 802.11i protocols that represent two important solutions in the wireless environment. Scenarios where it is possible to produce a DoS attack and DoS flooding attacks are outlined. The last phase of the authentication process, represented by the 4-way handshake procedure, is shown to be unsafe from DoS attack. This can produce the undesired effect of memory exhaustion if a flooding DoS attack is conducted. In order to avoid DoS attack without increasing the complexity of wireless mobile devices too much and without changing through some further control fields of the frame structure of wireless security protocols, a solution is found and an extension of WPA and IEEE 802.11 is proposed. A protocol extension with three "static" variants and with a resource-aware dynamic approach is considered. The three enhancements to the standard protocols are achieved through some simple changes on the client side and they are robust against DoS and DoS flooding attack. Advantages introduced by the proposal are validated by simulation campaigns and simulation parameters such as attempted attacks, successful attacks, and CPU load, while the algorithm execution time is evaluated. Simulation results show how the three static solutions avoid memory exhaustion and present a good performance in terms of CPU load and execution time in comparison with the standard WPA and IEEE 802.11i protocols. However, if the mobile device presents different resource availability in terms of CPU and memory or if resource availability significantly changes in time, a dynamic approach that is able to switch among three different modalities could be more suitable.