ANM to Perceive and Thwart Denial of Service Attack in WLAN

Full Text (PDF, 508KB), PP.59-66

Views: 0 Downloads: 0

Author(s)

Durairaj M 1,* Persia A 1

1. School of Computer Science, Engineering & Applications, Bharathidasan University, Trichy

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2015.06.07

Received: 10 Aug. 2014 / Revised: 7 Nov. 2014 / Accepted: 16 Jan. 2015 / Published: 8 May 2015

Index Terms

Denial of Service Attack, MAC spoof, 802.11w, Wireless Local Area Infrastructure Network, ANM

Abstract

Wireless infrastructure network is vulnerable to Denial of Service (DoS) attack which makes the resources unavailable for its intended user. As an outcome of DoS attack, authenticated user is denied from accessing the network by spoofing legitimate client identity. Reduced protection in management frame led to MAC spoof DoS attack. Though 802.11w was developed to protect the management frame, the network is vulnerable to different DoS attacks and unable to prevent all types of DoS attacks. This motivated us to propose a mechanism to detect and prevent substantial number of DoS attacks. This paper proposes an algorithm called Alternative Numbering Mechanism (ANM) which prevents DoS attacks. The proposed solution is simulated in NS2 for experimentation. Packet delivery ratio, control overhead, normalized routing overhead, delay time, throughput and packet drop were measured for experimentation and to evaluate the performance of ANM. The experimental results of ANM demonstrate that the performance of ANM is encouraging and prevents nearly all types of DoS attacks.

Cite This Paper

Durairaj M, Persia A, "ANM to Perceive and Thwart Denial of Service Attack in WLAN", International Journal of Computer Network and Information Security(IJCNIS), vol.7, no.6, pp.59-66, 2015. DOI:10.5815/ijcnis.2015.06.07

Reference

[1]Anjum, Farooq, Subir Das, Praveen Gopalakrishnan, Latha Kant, and Byungsuk Kim (2005) "Security in an insecure WLAN network." In Wireless Networks, Communications and Mobile Computing, 2005 International Conference on, vol. 1, pp. 292-297. IEEE.
[2]Arash Habibi Lashkari, Mir Mohammad SeyedDanesh, BehrangSamadi (2009). A Survey on Wireless Security protocols (WEP, WPA and WPA2/802.11i). 2nd IEEE International Conference on Computer Science and Information Technology (ICCSIT), Beijing, China, August 8-11, pp. 48-52.
[3]Bansal, R., Tiwari, S., &Bansal, D, (2008) "Non-cryptographic methods of MAC spoof detection in wireless LAN", In Networks, 2008. ICON 2008, pp. 1-6, IEEE.
[4]Brad Antoniewicz "802.11 attacks version 1.0", White paper.
[5]Cardenas, E. D. "MAC Spoofing-An Introduction": http://www. giac. org/practical."
[6]Durairaj M, Persia A (2014) "ThreV - An Efficacious Algorithm to Thwart MAC Spoof DoS Attack in Wireless Local Area Infrastructure Network", Indian Journal of Science and Technology. Vol 7 (5), 39-46.
[7]Ferreri F and Bernaschi M, Valcamonici L (2008). Access points vulnerabilities to DoS attacks in 802.11 networks. Wireless Networks,vol 14, pp. 159-169, 2008.
[8]Guo, F., &Chiueh, T. C., (2006) "Sequence number-based MAC address spoof detection", In Recent Advances in Intrusion Detection,pp. 309-329. Springer Berlin Heidelberg.
[9]http://en.wikipedia.org/wiki/IEEE_802.11w (2009).
[10]Jalil Desa, Mina Malekzadeh, Abdul Azim Abdul Ghani and ShamalaSubramaniam (2008). An Experimental Evaluation of DoS Attack and Its Impact on Throughput of IEEE 802.11 Wireless Networks. International Journal of Computer Science and Network Security, Vol. 8, No. 8, pp. 1-5.
[11]John Bellardo and Stefan Savage (2003). 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. USENIX Security Symposium, Washington D.C.
[12]Kai Tao, Jing Li, and SrinivasSampalli (2008)"Detection of Spoofed MAC Addresses in 802.11 Wireless Networks", Springer-Verlag Berlin Heidelberg pp. 201–213.
[13]Kemal Bicakci and BulentTavli (2009). Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks. Computer Standards & Interfaces, pp. 931–941.
[14]Li, Qing, and Wade Trappe (2007) "Detecting spoofing and anomalous traffic in wireless networks via forge-resistant relationships." Information Forensics and Security, IEEE Transactions on 2.4: 793-808.
[15]Nancy Cam-Winget, Russ Housley, David Wagner and Jesse Walker (2003). Security flaws in 802.11 data link protocols. Communications of the ACM, Vol.46, Issue. 5.
[16]Radomir Prodanovic and DejanSimic (2007). A Survey of Wireless Security. Journal of Computing and Information Technology, CIT 15, 3, pp. 237-255.
[17]Stanley Wong (2003). The Evolution of Wireless Security in 802.11 Networks: WEP, WPA and 802.11 Standards. GSEC Practical v1.4b.
[18]Tanatat Saelim, PrawitChumchu and ChunyamonSriklauy (2011). A New MAC Address Spoofing Detection Algorithm using PLCP Header. IEEE, ICOIN, 48-53.
[19]Yong Sheng, Keren Tan, Guanling Chen, David Kotz and Andrew Cambell (2008). Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength, The 27th Conference on Computer Communications IEEE.