IEEE 802.11 i Security and Vulnerabilities

Despite using a variety of comprehensive preventive security measures, the Robust Secure Networks (RSNs) remain vulnerable to a number of attacks. Failure of preventive measures to address all RSN vulnerabilities dictates the need for enhancing the performance of Wireless Intrusion Detection Systems (WIDSs) to detect all attacks on RSNs with less false positive and false negative rates

A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Cluster Based Intrusion Detection Technique for Wireless Networks

Wireless networks are vulnerable to spoofing attacks, which allows for many other forms of attacks on the networks. Although th e identity of a node can be verified through cryptographic authentication, authentication is not always possible because it requires key management and additional infrastructural overhead. In this paper we propose a method for both detect ing spoofing attacks, as well as locating the positions of adversaries performing the attacks. We propose to use the spatial correlation of received signal strength (RSS) inherited from wireless nodes to detect the spoofing attacks. We then formulate the problem of determin ing the number of attackers as a multiclass detection problem. Cluster - based mechanisms are developed to determine the number of attackers. When the training data are available, we explore using the Support Vector Machines (SVM) method to further improve t he accuracy of determining the number of attackers. In addition, we developed an integrated detection and localization system that can localize the positions of multiple attackers. We evaluated our techniques through two test beds using both an 802.11 ( Wi - Fi ) network and an 802.15.4 network in two real office buildings. Our experimental results show that our proposed methods can achieve over 90 percent Hit Rate and Precision when determining the number of attackers. Our localizatio n results using a represen tative set of algorithms provide strong evidence of high accuracy of localizing multiple adversaries

A New MAC Address Spoofing Detection Technique Based on Random Forests

Media access control (MAC) addresses in wireless networks can be trivially spoofed using off-the-shelf devices. The aim of this research is to detect MAC address spoofing in wireless networks using a hard-to-spoof measurement that is correlated to the location of the wireless device, namely the received signal strength (RSS). We developed a passive solution that does not require modification for standards or protocols. The solution was tested in a live test-bed (i.e., a wireless local area network with the aid of two air monitors acting as sensors) and achieved 99.77%, 93.16% and 88.38% accuracy when the attacker is 8–13 m, 4–8 m and less than 4 m away from the victim device, respectively. We implemented three previous methods on the same test-bed and found that our solution outperforms existing solutions. Our solution is based on an ensemble method known as random forests.https://doi.org/10.3390/s1603028

A Survey of Different Dos Attacks on Wireless Network

Wireless technologies like Wireless LAN (WLAN) 802.11 picking up ubiquity in all associations, undertakings and colleges because of its profitability, cost sparing when contrasted with wired system and usability by enabling the system clients to move physically while keeping up an association with the wireless system. Wireless systems are main stream among the Laptop client group today in light of the portability and usability. Individuals working through remote association must know about the surroundings because of the different sorts of assaults made by the interlopers. Remote systems are extremely defenseless against (Denial of Service) DoS attacks. DoS attacks are an endeavor to make a machine or system asset inaccessible to its clients. It can happen in numerous layers of OSI demonstrate and can happen in different frame Network clients can ensure their frameworks with Wi-Fi Protected Access (WPA) security conventions and Wired Equivalent Privacy (WEP), however DoS attack still can't be averted utilizing these conventions. These attacks bring about debasement of the system quality or finish loss of accessibility of the system inside the association. This survey paper makes a review on various kinds of DoS attacks and their countermeasures on the framework systems which depend on the Access Points (AP). The fundamental assaults called Deauthentication and Disassociation Flooding. DoS assaults are considered there avoidance/discovery arrangements. Keywords- Access Points, DoS, Wireless Security, 802.11, Disassociation, Deauthentication, Flooding attack

Intrusion Detection System for Platooning Connected Autonomous Vehicles

The deployment of Connected Autonomous Vehicles (CAVs) in Vehicular Ad Hoc Networks (VANETs) requires secure wireless communication in order to ensure reliable connectivity and safety. However, this wireless communication is vulnerable to a variety of cyber atacks such as spoofing or jamming attacks. In this paper, we describe an Intrusion Detection System (IDS) based on Machine Learning (ML) techniques designed to detect both spoofing and jamming attacks in a CAV environment. The IDS would reduce the risk of traffic disruption and accident caused as a result of cyber-attacks. The detection engine of the presented IDS is based on the ML algorithms Random Forest (RF), k-Nearest Neighbour (k-NN) and One-Class Support Vector Machine (OCSVM), as well as data fusion techniques in a cross-layer approach. To the best of the authors’ knowledge, the proposed IDS is the first in literature that uses a cross-layer approach to detect both spoofing and jamming attacks against the communication of connected vehicles platooning. The evaluation results of the implemented IDS present a high accuracy of over 90% using training datasets containing both known and unknown attacks

Intrusion Detection for Smart Grid Communication Systems

Transformation of the traditional power grid into a smart grid hosts an array of vulnerabilities associated with communication networks. Furthermore, wireless mediums used throughout the smart grid promote an environment where Denial of Service (DoS) attacks are very effective. In wireless mediums, jamming and spoofing attack techniques diminish system operations thus affecting smart grid stability and posing an immediate threat to Confidentiality, Integrity, and Availability (CIA) of the smart grid. Intrusion detection systems (IDS) serve as a primary defense in mitigating network vulnerabilities. In IDS, signatures created from historical data are compared to incoming network traffic to identify abnormalities. In this thesis, intrusion detection algorithms are proposed for attack detection in smart grid networks by means of physical, data link, network, and session layer analysis. Irregularities in these layers provide insight to whether the network is experiencing genuine or malicious activity

Securearray: Improving WiFi security with fine-grained physical-layer information

Despite the important role that WiFi networks play in home and enterprise networks they are relatively weak from a security standpoint. With easily available directional antennas, attackers can be physically located off-site, yet compromise WiFi security protocols such as WEP, WPA, and even to some extent WPA2 through a range of exploits specific to those protocols, or simply by running dictionary and human-factors attacks on users' poorly-chosen passwords. This presents a security risk to the entire home or enterprise network. To mitigate this ongoing problem, we propose SecureArray, a system designed to operate alongside existing wireless security protocols, adding defense in depth against active attacks. SecureArray's novel signal processing techniques leverage multi-antenna access point (AP) to profile the directions at which a client's signals arrive, using this angle-of-arrival (AoA) information to construct highly sensitive signatures that with very high probability uniquely identify each client. Upon overhearing a suspicious transmission, the client and AP initiate an AoA signature-based challenge-response protocol to confirm and mitigate the threat. We also discuss how SecureArray can mitigate direct denial-of-service attacks on the latest 802.11 wireless security protocol. We have implemented SecureArray with an eight-antenna WARP hardware radio acting as the AP. Our experimental results show that in a busy office environment, SecureArray is orders of magnitude more accurate than current techniques, mitigating 100% of WiFi spoofing attack attempts while at the same time triggering false alarms on just 0.6% of legitimate traffic. Detection rate remains high when the attacker is located only five centimeters away from the legitimate client, for AP with fewer numbers of antennas and when client is mobile