deepthi ratnayake
TRANSCRIPT
TEMPLATE DESIGN © 2008
www.PosterPresentations.com
Current Work
An adversary can send a flood of Probe Request frames using MAC spoofing to represent a large number of nodes scanning the wireless network. This can heavily overload and consume the computation power and memory resources of the AP which can lead to a Denial-of-Service.
An adversary can send a flood of Probe Request frames using MAC spoofing to represent a large number of nodes scanning the wireless network. This can heavily overload and consume the computation power and memory resources of the AP which can lead to a Denial-of-Service.
An improved authentication model for IEEE 802.11-2007 to prevent Probe Request DoS Attacks.Researcher: Mrs. Deepthi Ratnayake Director of Studies: Prof. Hassan Kazemian
Introduction
Aim
Progress
To find an effective method to recognise rogue Probe Request frames, and prevent an AP from triggering a Probe Response.
To find an effective method to recognise rogue Probe Request frames, and prevent an AP from triggering a Probe Response.
Probe Request Flood Attacks are designed to manipulate a 802.11 request/respond design flaw, i.e. each request message sent by a STA must be responded with a response message sent by the AP.
Probe Request Flood Attacks are designed to manipulate a 802.11 request/respond design flaw, i.e. each request message sent by a STA must be responded with a response message sent by the AP.
BSS
Test1-PC (User)Windows XP
Intel(R) PRO/Wireless LAN 2100 3B Mini PCI Adapter
MAC: Intel_5b:dd:b3
Test3-PC (Attacker)BackTrack4 (Linux)
Intel® PRO/Wireless 2200BG Wireless Connection
MAC: Intel_a5:23:37
Test-AP (Access Point) MAC: Netgrar_42:cf:c0
• Sniffing and simulation of attacks on a test bed using available s/w tools.
• Seeking and intelligent model to implement the solution.
The Issue
• Detect MAC Spoofing by Monitoring Sequence Number Field
• Identifying STAs by Physical Layer Attributes
• Keep a “Safe List” of known attributes and give priority to “Safe List”.
• Pattern Recognition of “Transactions” and filter peculiar Probe Requests.
Length - Bytes
2 2 6 6 6 2 6 Variable Variable 4
FieldFrame Control
Duration ID
DA SA BSSIDSequence Control
SSIDSupported
RatesEstended
Supported RatesFCS
MAC HEADER FRAME BODY CRC
Probe Request Frame
Length - Bits
2 2 4 1 1 1 1 1 1 1 1
FieldProtocol Version
Type
Sub Type
To DS
From DS
More Frag
Retry
Power Management
More Data
WEP
Reserved
FRAME CONTROL
Test2-PC (User)Windows Vista
Intel® PRO/Wireless 2200BG Wireless Connection
MAC: Intel_39:c9:33
Reference
Possible Solutions
Bulbul, H. I., Batmaz, I., and Ozel, M. 2008. Wireless network security: comparison of WEP (Wired Equivalent Privacy) mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security protocols. Proceedings of the 1st international Conference on Forensic Applications and Techniques in Telecommunications, information, and Multimedia and Workshop [Online] pp. 1-6 Available at http://0-delivery.acm.org.emu.londonmet.ac.uk/10.1145/1370000/1363229/a9-bulbul.pdf?key1=1363229&key2=5901319321&coll=ACM&dl=ACM&CFID=30100573&CFTOKEN=55282196 [Accessed: 7th April 2009].
Broadcom Corporation. 2005. Broadcom, HP and Linksys make Wi-Fi® installation as easy as pushing a button [Online]. Available at: http://www.broadcom.com/press/release.php?id=659800 [Accessed: 15 October 2008].
IEEE, 2004, "IEEE Standard for Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 6: Medium Access Control (MAC) Security Enhancements", IEEE Std 802.11i-2004 [Online] Available at http://0-ieeexplore.ieee.org.emu.londonmet.ac.uk/stamp/stamp.jsp?arnumber=1318903&isnumber=29229 [Accessed: 22 March 2009].
He, C. Mitchell, J.C. 2005, Security analysis and improvements for IEEE 802.11i. The 12th Annual Network and Distributed System Security Symposium (NDSS'05), [Online] pp. 90-110 Available at http://www.isoc.org/isoc/conferences/ndss/05/proceedings/papers/NDSS05-1107.pdf [Accessed: 16th April 2009].
Porter, T. Zmolek, A. Kanclirz, J. Rosela, A. 2006. Practical VoIP security: your hands-on guide to voice over IP (VoIP) security . Hingham, MA: Syngress.
Riley, S. 2005. Mitigating the threats of rogue machines—802.1X or IPsec? [Online]. Available at: http://technet.microsoft.com/en-gb/library/cc512611.aspx [Accessed: 18 October 2008].
Bulbul, H. I., Batmaz, I., and Ozel, M. 2008. Wireless network security: comparison of WEP (Wired Equivalent Privacy) mechanism, WPA (Wi-Fi Protected Access) and RSN (Robust Security Network) security protocols. Proceedings of the 1st international Conference on Forensic Applications and Techniques in Telecommunications, information, and Multimedia and Workshop [Online] pp. 1-6 Available at http://0-delivery.acm.org.emu.londonmet.ac.uk/10.1145/1370000/1363229/a9-bulbul.pdf?key1=1363229&key2=5901319321&coll=ACM&dl=ACM&CFID=30100573&CFTOKEN=55282196 [Accessed: 7th April 2009].
Broadcom Corporation. 2005. Broadcom, HP and Linksys make Wi-Fi® installation as easy as pushing a button [Online]. Available at: http://www.broadcom.com/press/release.php?id=659800 [Accessed: 15 October 2008].
IEEE, 2004, "IEEE Standard for Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 6: Medium Access Control (MAC) Security Enhancements", IEEE Std 802.11i-2004 [Online] Available at http://0-ieeexplore.ieee.org.emu.londonmet.ac.uk/stamp/stamp.jsp?arnumber=1318903&isnumber=29229 [Accessed: 22 March 2009].
He, C. Mitchell, J.C. 2005, Security analysis and improvements for IEEE 802.11i. The 12th Annual Network and Distributed System Security Symposium (NDSS'05), [Online] pp. 90-110 Available at http://www.isoc.org/isoc/conferences/ndss/05/proceedings/papers/NDSS05-1107.pdf [Accessed: 16th April 2009].
Porter, T. Zmolek, A. Kanclirz, J. Rosela, A. 2006. Practical VoIP security: your hands-on guide to voice over IP (VoIP) security . Hingham, MA: Syngress.
Riley, S. 2005. Mitigating the threats of rogue machines—802.1X or IPsec? [Online]. Available at: http://technet.microsoft.com/en-gb/library/cc512611.aspx [Accessed: 18 October 2008].