scholarly journals Analysis of Deauthentication Attack on IEEE 802.11 Connectivity Based on IoT Technology Using External Penetration Test

2020 ◽  
Vol 14 (1) ◽  
pp. 45
Author(s):  
Yogi Kristiyanto ◽  
Ernastuti E
Keyword(s):  
Distribution System ◽  
Denial Of Service ◽  
Test Method ◽  
Target System ◽  
Media Access Control ◽  
Test Target ◽  
Penetration Test ◽  
Media Access ◽  
Dos Attacks ◽  
Ip Camera

The research aims to know the level of security of WiFi connectivity against deauthentication attacks on Internet of Things (IoT)-based devices. It is done through testing using an external penetration test method. The external penetration test simulates a real external attack without information about the target system and network given. The process starts from accessing the device through Internet or WiFi by the test target. At the same time, the attacker performs Denial-of-Service (DoS) attacks onWiFi. The attacker uses Arduino ESP8266 NodeMCU WiFi with Lua programming. To record WiFi activities, the researchers use CommView for WiFi V. 7.0, and the target is Internet Protocol (IP) camera device. The result shows that the communication of the test target with the gateway is lost, but the Media Access Control (MAC) of the test target is still registered at the gateway. Deauthentication attacks cause communication paralysis, and several changes occur, such as an increase in data rate, and change in frequency channel, Distribution System (DS) status, retry bits in frame management, and the sequence number.

scholarly journals Implementation of ARP Spoofing for IOT Devices Using Cryptography AES and ECDSA Algorithms

2019 ◽  
Vol 8 (2S11) ◽  
pp. 2889-2893
Keyword(s):  
Internet Of Things ◽  
Denial Of Service ◽  
Media Access Control ◽  
Media Access ◽  
Ip Address ◽  
Digital Signature Algorithm ◽  
Address Resolution Protocol ◽  
Man In The Middle ◽  
Arp Spoofing ◽  
Iot Devices

The Internet of Things is the network of numerous devices and communicate with an internet by using the IP address. The IOT objects shares the information using wireless connection. During the data transmission, that can be distorted by the Hackers by knowing their IP address. In IOT (Internet of Things), the wireless communication between the devices makes the users to be vulnerable. So, the hackers may spoof the MAC address of the communicating devices. The receiver MAC address is identified and then false MAC (Media Access Control) address is created by the hacker. Then, attackers replaces the original MAC address in the ARP (Address Resolution Protocol) table of the sender. So,the hackers may impersonate like the sender. Therefore, Cryptographic algorithms like AES (Advanced Encryption Standard) for confidentiality and ECDSA (Elliptic Curve Digital Signature Algorithm) for Authentication are applied in the proposed algorithm to safeguard the data as well as the devices from the hackers. The following attacks such as Man-in-the-Middle, Denial -of -Service (DOS) and ARP spoofing are strongly prevented in the proposed algorithm. Thus, the implementation of an algorithm is carried out in Ubuntu Linux environment with installing Python dependencies. This algorithm affords an efficient way to thwart ARP (Address Resolution Protocol) spoofing by the hackers for IOT devices.

scholarly journals Mitigating ARP Cache Poisoning Attack in Software-Defined Networking (SDN): A Survey

Electronics ◽  
2019 ◽  
Vol 8 (10) ◽  
pp. 1095 ◽  
Author(s):  
Zawar Shah ◽  
Steve Cosgrove
Keyword(s):  
Performance Metrics ◽  
Denial Of Service ◽  
Software Defined Networking ◽  
Local Area ◽  
Attack Detection ◽  
Future Research ◽  
Media Access Control ◽  
Media Access ◽  
Address Resolution Protocol ◽  
Time Calculation

Address Resolution Protocol (ARP) is a widely used protocol that provides a mapping of Internet Protocol (IP) addresses to Media Access Control (MAC) addresses in local area networks. This protocol suffers from many spoofing attacks because of its stateless nature and lack of authentication. One such spoofing attack is the ARP Cache Poisoning attack, in which attackers poison the cache of hosts on the network by sending spoofed ARP requests and replies. Detection and mitigation of ARP Cache Poisoning attack is important as this attack can be used by attackers to further launch Denial of Service (DoS) and Man-In-The Middle (MITM) attacks. As with traditional networks, an ARP Cache Poisoning attack is also a serious concern in Software Defined Networking (SDN) and consequently, many solutions are proposed in the literature to mitigate this attack. In this paper, a detailed survey on various solutions to mitigate ARP Cache Poisoning attack in SDN is carried out. In this survey, various solutions are classified into three categories: Flow Graph based solutions; Traffic Patterns based solutions; IP-MAC Address Bindings based solutions. All these solutions are critically evaluated in terms of their working principles, advantages and shortcomings. Another important feature of this survey is to compare various solutions with respect to different performance metrics, e.g., attack detection time, ARP response time, calculation of delay at the Controller etc. In addition, future research directions are also presented in this survey that can be explored by other researchers to propose better solutions to mitigate the ARP Cache Poisoning attack in SDN.

scholarly journals Potential Security Vulnerabilities of the IEEE 802.15.4 Standard and a Proposed Solution Against the Dissociation Process

2021 ◽  
Vol 13 (3) ◽  
pp. 182-200
Author(s):  
ABDULLAH ALABDULATIF
Keyword(s):  
Ieee 802.15.4 ◽  
Denial Of Service ◽  
Media Access Control ◽  
Area Network ◽  
Media Access ◽  
Authentication Code ◽  
Major Shortcoming ◽  
The Media ◽  
Ieee 802.15.4 Standard ◽  
Personal Area Network

Many different networks that rely on short-distance wireless technology for their functions utilize the IEEE 802.15.4 Standard, especially in the case of systems that experience a low level of traffic. The networks using this standard are typically based on the Low-Rate Wireless Personal Area Network, herein called the LR-WPAN; this network is used for the provision of both the physical layer, herein referred to as the PHY, and the media access control, herein abbreviated as the MAC. There are four security features in the IEEE 802.15.4 Standard that are designed to ensure the safe and secure transmission of data through the network. Disconnection from the network is managed and controlled by the message authentication code, herein referred to as the MAC, while the coordinator personal area network, herein abbreviated as the PAN, is also able to trigger the disconnection. However, the process of disconnection from the network is one area of vulnerability to denial-of-service attacks, herein referred to as DoS; this highlights a major shortcoming of the IEEE 802.15.4 Standard’s security features. This paper is intended to contribute to the improvement of security for the IEEE network by conducting a specific and in-depth review of available literature as well as conducting an analysis of the disassociation process. In doing so, potential new threats will be highlighted, and this data can be used to improve the security of the IEEE 802.15.4 Standard. Overall, in this paper, the role of the Castalia tool in the OMNET++ environment is analysed and interpreted for these potential new threats. Also, this paper proposes a solution to such threats to improve the security IEEE 802.15.4 disassociation process. Keywords: Disassociation vulnerability of IEEE 802.15.4 Standard, DoS attack, IoT security.

IEEE 802.11 Tutorial

2018 ◽  
Author(s):  
Kiramat
Keyword(s):  
Access Control ◽  
Ieee 802.11 ◽  
Wireless Local Area Network ◽  
Local Area Network ◽  
Local Area ◽  
Physical Layer ◽  
Media Access Control ◽  
Area Network ◽  
Media Access ◽  
Computer Communications

IEEE 802.11 is a set of media access control (MAC) and physical layer (PHY) specifications for implementing wireless local area network (WLAN) computer communications. Maintained by the Institute of Electrical and Electronics Engineers (IEEE) LAN/MAN Standards Committee (IEEE 802). This document highlights the main features of IEEE 802.11n variant such as MIMO, frame aggregation and beamforming along with the problems in this variant and their solutions

Media Access Control Protocol with Differential Service in Aeronautical Frequency-Hopping Ad Hoc Networks

2014 ◽  
Vol 24 (8) ◽  
pp. 2214-2225 ◽  
Author(s):  
Ye-Qun WANG ◽  
Feng YANG ◽  
Guo-Ce HUANG ◽  
Heng-Yang ZHANG ◽  
Jian-Xin GUO
Keyword(s):  
Access Control ◽  
Ad Hoc Networks ◽  
Ad Hoc ◽  
Frequency Hopping ◽  
Media Access Control ◽  
Media Access ◽  
Control Protocol ◽  
Hoc Networks ◽  
Media Access Control Protocol

scholarly journals Performance Analysis of Synchronous Multi-Radio Multi-Link MAC Protocols in IEEE 802.11be Extremely High Throughput WLANs

2020 ◽  
Vol 11 (1) ◽  
pp. 317
Author(s):  
Taewon Song ◽  
Taeyoon Kim
Keyword(s):  
Ieee 802.11 ◽  
Markov Chain Model ◽  
Careful Consideration ◽  
Mac Protocols ◽  
Media Access Control ◽  
Chain Model ◽  
Distributed Coordination ◽  
Media Access ◽  
Medium Access ◽  
Coordination Function

The representative media access control (MAC) mechanism of IEEE 802.11 is a distributed coordination function (DCF), which operates based on carrier-sense multiple access with collision avoidance (CSMA/CA) with binary exponential backoff. The next amendment of IEEE 802.11 being developed for future Wi-Fi by the task group-be is called IEEE 802.11be, where the multi-link operation is mainly discussed when it comes to MAC layer operation. The multi-link operation discussed in IEEE 802.11be allows multi-link devices to establish multiple links and operate them simultaneously. Since the medium access on a link may affect the other links, and the conventional MAC mechanism has just taken account of a single link, the DCF should be used after careful consideration for multi-link operation. In this paper, we summarize the DCFs being reviewed to support the multi-radio multi-link operation in IEEE 802.11be and analyze their performance using the Markov chain model. Throughout the extensive performance evaluation, we summarize each MAC protocol’s pros and cons and discuss essential findings of the candidate MAC protocols.

scholarly journals A Secure Protocol against Selfish and Pollution Attacker Misbehavior in Clustered WSNs

Electronics ◽  
2021 ◽  
Vol 10 (11) ◽  
pp. 1244
Author(s):  
Hana Rhim ◽  
Damien Sauveron ◽  
Ryma Abassi ◽  
Karim Tamine ◽  
Sihem Guemara
Keyword(s):  
Denial Of Service ◽  
Base Station ◽  
Hierarchical Organization ◽  
Secure Routing ◽  
Sensor Nodes ◽  
Dos Attacks ◽  
Linear Network ◽  
Secure Protocol ◽  
Misbehaving Nodes ◽  
Pollution Attacks

Wireless sensor networks (WSNs) have been widely used for applications in numerous fields. One of the main challenges is the limited energy resources when designing secure routing in such networks. Hierarchical organization of nodes in the network can make efficient use of their resources. In this case, a subset of nodes, the cluster heads (CHs), is entrusted with transmitting messages from cluster nodes to the base station (BS). However, the existence of selfish or pollution attacker nodes in the network causes data transmission failure and damages the network availability and integrity. Mainly, when critical nodes like CH nodes misbehave by refusing to forward data to the BS, by modifying data in transit or by injecting polluted data, the whole network becomes defective. This paper presents a secure protocol against selfish and pollution attacker misbehavior in clustered WSNs, known as (SSP). It aims to thwart both selfish and pollution attacker misbehaviors, the former being a form of a Denial of Service (DoS) attack. In addition, it maintains a level of confidentiality against eavesdroppers. Based on a random linear network coding (NC) technique, the protocol uses pre-loaded matrices within sensor nodes to conceive a larger number of new packets from a set of initial data packets, thus creating data redundancy. Then, it transmits them through separate paths to the BS. Furthermore, it detects misbehaving nodes among CHs and executes a punishment mechanism using a control counter. The security analysis and simulation results demonstrate that the proposed solution is not only capable of preventing and detecting DoS attacks as well as pollution attacks, but can also maintain scalable and stable routing for large networks. The protocol means 100% of messages are successfully recovered and received at the BS when the percentage of lost packets is around 20%. Moreover, when the number of misbehaving nodes executing pollution attacks reaches a certain threshold, SSP scores a reception rate of correctly reconstructed messages equal to 100%. If the SSP protocol is not applied, the rate of reception of correctly reconstructed messages is reduced by 90% at the same case.

Media access control manner with QoS for control network

2008 ◽  
Author(s):  
Lei Zhaoming ◽  
Sun Hexu ◽  
Liu Zuojun ◽  
Liang Tao
Keyword(s):  
Access Control ◽  
Media Access Control ◽  
Control Network ◽  
Media Access ◽  
Control Manner

scholarly journals Secure and DoS-Resilient Fragment Authentication in CCN-Based Vehicular Networks

2018 ◽  
Vol 2018 ◽  
pp. 1-12
Author(s):  
Sangwon Hyun ◽  
Hyoungshick Kim
Keyword(s):  
Vehicular Networks ◽  
Denial Of Service ◽  
Content Delivery ◽  
Dos Attacks ◽  
Promising Alternative ◽  
Content Centric Networking ◽  
Transmission Unit ◽  
Communication Environments ◽  
Maximum Transmission

Content-Centric Networking (CCN) is considered as a promising alternative to traditional IP-based networking for vehicle-to-everything communication environments. In general, CCN packets must be fragmented and reassembled based on the Maximum Transmission Unit (MTU) size of the content delivery path. It is thus challenging to securely protect fragmented packets against attackers who intentionally inject malicious fragments to disrupt normal services on CCN-based vehicular networks. This paper presents a new secure content fragmentation method that is resistant to Denial-of-Service (DoS) attacks in CCN-based vehicular networks. Our approach guarantees the authenticity of each fragment through the immediate fragment verification at interim nodes on the routing path. Our experiment results demonstrate that the proposed approach provides much stronger security than the existing approach named FIGOA, without imposing a significant overhead in the process. The proposed method achieves a high immediate verification probability of 98.2% on average, which is 52% higher than that of FIGOA, while requiring only 14% more fragments than FIGOA.

Sign in / Sign up

Export Citation Format

Share Document