This work serves two key objectives. First, it markedly supplements and extends the well-known AWID corpus by capturing and studying traces of a wide variety of attacks hurled in the IEEE 802.1X Extensible Authentication Protocol (EAP) environment. Second, given that all the 802.11-oriented attacks have been carried out when the defenses introduced by Protected Management Frames (PMF) were operative, it offers the first, to our knowledge, full-fledged empirical study regarding the robustness of the IEEE 802.11w amendment, which is mandatory for WPA3 certified devices. Under both the aforementioned settings, the dataset and study at hand are novel and are anticipated to be of significant aid towards designing and evaluating intrusion detection systems. Moreover, in an effort to deliver a well-rounded dataset of greater lifespan, and under the prism of an attacker escalating their assault from the wireless MAC layer to higher ones, we have additionally included several assaults that are common to IEEE 802.3 networks. Since the corpus is publicly offered in the form of raw cleartext pcap files, future research can straightforwardly exploit any subset of features, depending on the particular application scenario.
Maintaining a high level of data security with a low impact on system performance is more challenging in wireless multimedia applications. Protocols that are used for wireless local area network (WLAN) security are known to significantly degrade performance. In this paper, we propose an enhanced security system for a WLAN. Our new design aims to decrease the processing delay and increase both the speed and throughput of the system, thereby making it more efficient for multimedia applications. Our design is based on the idea of offloading computationally intensive encryption and authentication services to the end systems' CPUs. The security operations are performed by the hosts' central processor (which is usually a powerful processor) before delivering the data to a wireless card (which usually has a low-performance processor). By adopting this design, we show that both the delay and the jitter are significantly reduced. At the access point, we improve the performance of network processing hardware for real-time cryptographic processing by using a specialized processor implemented with field-programmable gate array technology. Furthermore, we use enhanced techniques to implement the Counter (CTR) Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and the CTR protocol. Our experiments show that it requires timing in the range of 20-40 μs to perform data encryption and authentication on different end-host CPUs (e.g., Intel Core i5, i7, and AMD 6-Core) as compared with 10-50 ms when performed using the wireless card. Furthermore, when compared with the standard WiFi protected access II (WPA2), results show that our proposed security system improved the speed by up to 3.7 times.
A common approach for questionnaire collection is to set up a WLAN and respondents submit answers via specific apps or a web browser. However, much unnecessary background traffic is incurred once a device connects to Wi-Fi, consuming limited airtime and constraining the number of simultaneous connections. In this paper, we show that connection is not necessary, since the handshake messages themselves can carry answers. We propose Quest, an alternative questionnaire collection system that requires neither Internet access nor a stable connection. Quest sets up a password-protected Wi-Fi network to which respondents connect using any smart device with a Wi-Fi module and type their answers as passwords. Quest then retrieves the answers from the handshake messages. However, the answers are sent in hashed form instead of plain text; thus, recovery of answers from handshake messages, i.e., password cracking, is time-consuming, leading to a long delay. Quest employs three techniques to address the challenge. First, Quest restricts the types of questions to closed-ended ones, reducing the set of possible answers. Second, Quest precomputes an offline dictionary to speed up the cracking process. Third, we prove that, in our problem, it is sufficient to consider the first 128 bits of a key, instead of the entire 384 bits in the standard. Thus, Quest only checks the first 128 bits of a key. These techniques reduce the worst-case per-user cracking time from several minutes to a few seconds on a laptop computer. We implement Quest in commodity-off-the-shelf hardware and evaluate it in a real-world environment.
Wireless networks are used widely in office, home, and public places, so security is one of the significant issues to keep the transmitted information safe. The applied security standards have been developed in response to the demand for high security and the developed hardware with software. Currently, the available security standards are WEP, WPA, WPA2 and, under development, WPA3. These security standards are different in the offered security level based on the employed authentication method and encryption algorithms. The major objective of this paper is studying security standards and analyzing them based on their features, in addition to presenting a detailed review of WPA3 and its improvements over the older security standards. The conducted evaluations explained the differences among the Wi-Fi security standards in terms of the offered security level, software and hardware requirements.
Attacks on WiFi networks can cause network failures and denial of service for authentic users. To identify such attacks, the deployment of a WiFi Intrusion Detection System (IDS) is crucial. The key objective of WiFi IDS is to protect the network by examining WiFi traffic and classifying it as an attack or normal. The state-of-the-art anomaly-based WiFi IDSs use machine learning (ML) to learn the characteristics of past attacks from WiFi traffic datasets. A lot of research is done on advanced ML-based IDSs but work on WiFi-based IDSs is very limited and is based on old ML models. Most of our communications and devices are dependent on WiFi, therefore there is a dire need to update WiFi IDSs with the latest lightweight ML models. Even though old ML models are effective, they have to suffer from large training and testing times along with high computational costs due to large traffic features and outdated algorithms. Moreover, with emerging technologies like the Internet of Things and big data, WiFi traffic is increasing rapidly. Therefore, the issue of computational cost needs to be addressed properly. Thus, in this research, we propose an efficient ML-based WiFi IDS that utilizes a lightweight state-of-the-art ML model and optimum feature selection to reduce computational cost and provide high performance. With the help of MAC layer information and radiotap headers, our WiFi IDS can detect WiFi attacks that go undetected through normal network-based IDS. The proposed WiFi IDS uses a Light Gradient Boosting Machine (LightGBM) that combines several weak learners into a single, better generalizable, strong learner and uses Gradient-based One Side Sampling to downsample data instances with small gradients during training. The experimental results prove that the proposed solution outperforms other classifiers in accuracy, precision, recall, F1 score, training time, and testing time. The proposed solution provides better accuracy with 26 times less training time and 20% less test time compared to XGBoost. The proposed solution can classify real-time WiFi traffic in the order of microseconds and can be trained efficiently with new data.
Millions of Wi-Fi cameras have been deployed in businesses and households in the last decade. Most of them are used to provide security surveillance services. It raises new security concerns because these cameras could become the target of various attacks. Among them, Evil Twin, Deauthentication, and Disassociation attacks are well-known, easy-to-launch, and dangerous ones. However, there is a lack of deep understanding and awareness of these attacks, as well as efficient mitigation mechanisms. In this paper, we design a set of experiments to demonstrate how easily and effectively these attacks can be launched from simple computing platforms like Raspberry Pi using publicly available, open-source, and easy-configurable tools toward a set of carefully selected, popular, and highly reputed Wi-Fi cameras. Based on our testing, we report our interesting observations and discuss the mitigation approaches. We believe these attacks are beyond cameras and we hope our work can bring serious attention to the security of Wi-Fi equipped devices.
Recently, a number of attacks have been demonstrated (like key reinstallation attack, called KRACK) on WPA2 protocol suite in Wi-Fi WLAN, for which patching is often challenging. In this paper, we design and implement a system, called CheckShake, to passively detect anomalies in the handshake of Wi-Fi security protocols, in particular WPA2, between a client and an AP using COTS radios. Our proposed system works without decrypting any traffic and sniffing on multiple channels in parallel. It uses a state machine model for grouping Wi-Fi handshake packets and then performs deep packet inspection to identify the symptoms of the anomaly in specific stages of a handshake session. Our implementation of CheckShake does not require any modification to the firmware of the client or the AP or the COTS devices; it only needs to be physically placed within the range of the AP and its clients. We use both the publicly available dataset and our own data set for performance analysis of CheckShake. Using gradient boosting-based supervised machine learning (ML) models, we show that an accuracy around 98.50% with no false positive can be achieved using CheckShake in open sourced data that has non-zero probability of missing packets per group of packets.
Association attacks aim to manipulate WiFi clients into associating with a malicious access point, by exploiting protocol vulnerabilities and usability features implemented on the network managers of modern operating systems. In this paper we classify association attacks based on the network manager features that each attack exploits. To validate their current validity status, we implement and test all known association attacks against the network managers of popular operating systems, by using our Wifiphisher tool. We analyze various strategies that may be implemented by an adversary in order to increase the success rate of association attacks. Furthermore, we examine the behavior of association attacks against upcoming security protocols and certifications for IEEE 802.11, such as WPA3, Wi-Fi Enhanced Open and Easy Connect. Our results show that even though the network managers have hampered the effectiveness of some known attacks (e.g. KARMA), other techniques (e.g. Known Beacons) are still active threats. More importantly, our results show that even the newer security protocols leave room for association attacks. Finally, we describe novel detection and prevention techniques for association attacks, as well as security controls based on user awareness.
Enhancing the energy efficiency of WiFi IoT stations introduces unique challenges compared to 802.15.4 and BLE. The four essential operations performed to ensure connectivity between stations and the access point in a WiFi network are association, periodic beacon reception, maintaining association, and station wake up. Understanding and enhancing these operations are essential for building energy-efficient and dependable IoT systems. However, it is unclear how the software and hardware configuration of station and access point, concurrent traffic, power management, and security protocols affect the reliability and energy efficiency of these operations. In this paper, first, we present a thorough analysis of the association cost of WPA2 and WPA3 and mitigate the effect of key computation on association overhead. Second, we prove that increasing listen interval to reduce beacon reception wake-up duration may negatively impact energy efficiency. We identify the primary causes of this problem subject to link quality estimation algorithm and beacon delay. Third, we show that maintaining association by relying on access-point-based polling is not reliable. In particular, we confirm the wake-up delay of low-power stations is highly affected by factors such as channel utilization and beacon listen interval. We also confirm that key renewal aggravates the chance of disassociation.
In recent years, a significant increase in the development of wireless networks has been noticed; they become an entire part of the Internet and demonstrate effectiveness in handling communication for reduced public LAN and military applications. This is mainly due to their mobility and low cost solutions; nevertheless, they are also prone to several attacks related to data integrity, Denial of Service and eavesdropping. This paper discusses wireless security protocols, their limitations and weaknesses. We also present an overview of the FMS (Fluhrer, Mantin, Shamir), a key recovery attack, and demonstrate its effectiveness in reducing the average number of intercepted packets based on a good choice of IV (initialization vectors). Some comparative experiments on ciphertext-only attacks were performed in order to study the efficiency of such technique and underline encountered difficulties.