155 research outputs found
Detection of Man-in-the-middle Attacks Using Physical Layer Wireless Security Techniques
In a wireless network environment, all the users are able to access the wireless channel. Thus, if malicious users exploit this feature by mimicking the characteristics of a normal user or even the central wireless access point (AP), they can intercept almost all the information passing through the network. This scenario is referred to as a Man-in-the-middle (MITM) attack. In the MITM attack, the attackers usually set up a rogue AP to spoof the clients. In this thesis, we focus on the detection of MITM attacks in Wi-Fi networks. The thesis introduces the entire process of performing and detecting the MITM attack in two separate sections. The first section starts from creating a rogue AP by imitating the characteristics of the legitimate AP. Then a multi-point jamming attack is conducted to kidnap the clients and force them to connect to the rogue AP. Furthermore, sniffer software is used to intercept the private information passing through the rogue AP. The second section focuses on the detection of MITM attacks from two aspects: jamming attack detection and rogue AP detection. In order to enable the network to perform defensive strategies more effectively, distinguishing different types of jamming attacks is necessary. We begin by using a signal strength consistency mechanism to detect jamming attacks. Then, based on the statistical data of packet send ratio (PSR) and packet delivery ratio (PDR) in different jamming situations, a model is built to further differentiate the jamming attacks. At the same time, we gather the received signal strength indication (RSSI) values from three monitor nodes, which process the random RSSI values employing a sliding window algorithm. According to the mean and standard deviation curve of RSSI, we can detect if a rogue AP is present within the vicinity.
All these proposed approaches, either attack or detection, have been validated via computer simulations and experimental hardware implementations including Backtrack 5 Tools and MATLAB software suite.
Security technologies for wireless access to local area networks
In today’s world, computers and networks are connected to all life aspects and professions.
The amount of information, personal and organizational, spread over the network
is increasing exponentially. Simultaneously, malicious attacks are being developed at the
same speed, which makes having a secure network system a crucial factor on every level
and in any organization. Achieving a high protection level has been the goal of many
organizations, such as the Wi-Fi Alliance®, and many standards and protocols have been
developed over time.
This work addresses the historical development of WLAN security technologies, starting
from the oldest standard, WEP, and reaching the newly released standard WPA3, passing
through the several versions in between, WPA, WPS, WPA2, and EAP. Along with WPA3,
this work addresses two newer certificates, Enhanced Open™ and Easy Connect™. Furthermore,
a comparative analysis of the previous standards is also presented, detailing
their security mechanisms, flaws, attacks, and the measures they have adopted to prevent
these attacks. Focusing on the newly released WPA3, this work presents a deep study
on both WPA3 and EAP-pwd. The development of WPA3 had the objective of providing
strong protection, even if the network’s password is considered weak. However, this
objective was not fully accomplished and some recent research work discovered design
flaws in this new standard.
Along with the above studies, this master thesis’ work builds also a network for penetration
testing using a set of new devices that support the new standard. A group of possible
attacks on the latest Wi-Fi security standards was implemented on the network, testing the response
against each of them, discussing the reason behind the success or the failure of the
attack, and providing a set of countermeasures applicable against these attacks. Obtained results show that WPA3 has overcome many of WPA2’s issues; however, it is still unable to overcome some major Wi-Fi vulnerabilities.
In today's world, computers and networks are connected to practically every
aspect of our personal and professional lives. The amount of information, personal
and organizational, spread across the network is increasing exponentially. Simultaneously,
malicious attacks are also increasing at the same speed, which makes
a secure network system a crucial factor at every level and in any
organization. Achieving high levels of protection has been the working goal of many
organizations, such as the Wi-Fi Alliance®, and many standards and protocols have been developed
over time.
This work addresses the historical development of security technologies for WLANs,
starting with the oldest standard, WEP, and ending with the newly arrived WPA3, passing
through the several intermediate versions, WPA, WPS, WPA2 and EAP. Along with
WPA3, this work addresses the two most recent certificates, Enhanced Open™ and Easy
Connect™. In addition, a comparative analysis of the previous standards is also presented,
detailing their main security mechanisms, flaws, the attacks to which
they are susceptible and the measures adopted to prevent those attacks. Regarding the new WPA3
and EAP-pwd, this work presents an in-depth study of their "Personal"
and "Enterprise" modes. The development of WPA3 aimed to provide strong
protection even if the network password is considered weak. However, this objective
was not fully achieved, and some recently conducted research detected design
flaws in this new standard.
Along with the study of the standards mentioned above, the work carried out for this
master's thesis also builds a network for penetration testing using a set
of new devices that already support the new standard. Several attacks are applied to the
most recent Wi-Fi security standards, their response to each of them is tested,
the reason behind the success or failure of the attack is discussed, and
countermeasures applicable to these attacks are indicated. The results obtained show that WPA3
has overcome many of WPA2's problems but that it is nevertheless still unable to overcome
some of the vulnerabilities present in Wi-Fi networks.
First, I would like to express my deepest appreciation to those who gave me the possibility
to complete my study and get my Master degree, the Aga Khan Foundation, who has
supported me financiall
Automated Man-in-the-Middle Attack Against Wi‑Fi Networks
Currently used wireless communication technologies suffer from security weaknesses that can be exploited to eavesdrop on or spoof network communication. In this paper, we present a practical tool that can automate the attack on wireless security. The developed package, called wifimitm, provides functionality for the automation of MitM attacks in the wireless environment. The package combines several existing tools and attack strategies to bypass the wireless security mechanisms, such as WEP, WPA, and WPS. The presented tool can be integrated into a solution for automated penetration testing. Also, a popularization of the fact that such attacks can be easily automated should raise public awareness about the state of wireless security.
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.
Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Darma: Defeating And Reconnaissance Manna-Karma Attacks In 802.11 With Multiple Detections And Prevention
The rapidly growing usage of mobile phones increases the use of Wi-Fi technology. At present, the pattern of human interaction with the internet is no longer centred on a desktop or laptop. The tools for surfing, working, and communication are now shifting to mobile phones. This is the motivation to expand Wi-Fi technology so that it will be the primary medium for internet connectivity. Hence, the security risk increases, because it attracts attackers despite its popularity among users. The DoS attack in 802.11 management frames is widely known as an initial process before Man-in-the-middle (MiTM) attacks in 802.11 take place. Karma and Manna attacks are unprecedented attacks in the 802.11 management frames. This paper proposed a mechanism called Defeating and Reconnaissance Manna-karma Attack (DARMA), which uses multiple client-side detection techniques to defeat and prevent Karma-Manna attacks. The proposed mechanism consists of 4 layers of processes: monitoring, detection, confirmation, and prevention. The effectiveness of the detection is based on the current real-time behaviour of the packets.
Some ethical hacking possibilities in Kali Linux environment
This paper deals with the problem of ethical hacking and security of computer systems. When we talk about security of an information system, we actually mean the primary three attributes of the system: confidentiality, integrity and availability. There are various approaches that aim to identify existing security weaknesses and assess security. One of them is using the Kali Linux operating system with its integrated effective tools specially adapted to the realization of various types of attacks. The paper gives a general overview of some Kali attacking possibilities on the client and server side and highlights their specificities. The undoubted benefit of this operating system is a large collection of different hacking tools in one place, which significantly facilitates vulnerability assessment and security testing.
MITM Attack Automation Using Single-Board Solution
The thesis focuses on the design of MiTM attacks using modern approaches to IT infrastructure design. Specifically, it focuses on the possibilities of using single-board computers and on ways to simplify their configuration for penetration testing purposes. The designed and implemented solution enables complicated attacks to be used by personnel who are only trained, while not limiting its use by experienced personnel. While today's approaches could be considered monolithic and centric, the proposed solution treats the MiTM attack itself as only one part of the solution and also focuses on other aspects such as data exfiltration or password cracking.
The thesis is focused on the design of MiTM attacks with the use of modern approaches in IT infrastructure. In particular, it is focused on how to simplify the configuration of a single-board computer for penetration testing purposes by creating a scalable infrastructure for device configuration and control. The proposed solution allows the usage of complicated attacks by trained staff while not limiting users with experience in network security. While today's applications capable of MiTM attacks are monolithic and device-centric, the proposed solution considers the device providing MiTM as just one part of the solution and also focuses on other problems like data exfiltration or hash cracking.
Overview of the Course in “Wireless and Mobile Security”
This paper provides an overview of the “Wireless and Mobile Security” course. The course offers practical study of security issues and features concerning wireless security. The program of the course efficiently interleaves systematic theoretical knowledge and practical work. The theoretical part of the course includes basic information about the architecture of wireless networks, as well as the modern standards available in this area and the protection mechanisms built into the equipment for wireless networks. An effective method for integrating a wireless network with the existing network infrastructure, taking into account all aspects of security, is also proposed. More than 50 percent of teaching time is devoted to practical work on the protection of wireless networks.
During the course, skills to work with the software NetStumbler, Kismet, AirSnort, Aircrack, and other wireless and network monitoring tools will be acquired. Particular attention is paid to the use of the most common tools for auditing wireless networks, both commercial and open source. In conclusion, a comprehensive approach to wireless security will be offered for each wireless technology.
Block the Root Takeover: Validating Devices Using Blockchain Protocol
This study addresses a vulnerability in the trust-based STP protocol that allows malicious users to target an Ethernet LAN with an STP Root-Takeover Attack. This subject is relevant because an STP Root-Takeover attack is a gateway to unauthorized control over the entire network stack of a personal or enterprise network. This study aims to address this problem with a potentially trustless research solution called the STP DApp. The STP DApp is the combination of a kernel /net modification called stpverify and a Hyperledger Fabric blockchain framework in a NodeJS runtime environment in userland. The STP DApp works as an Intrusion Detection System (IPS) by intercepting Ethernet traffic and blocking forged Ethernet frames sent by STP Root-Takeover attackers. This study’s research methodology is a quantitative pre-experimental design that provides conclusive results through empirical data and analysis using experimental control groups. In this study, data collection was based on active RAM utilization and CPU Usage during a performance evaluation of the STP DApp. It blocks an STP Root-Takeover Attack launched by the Yersinia attack tool installed on a virtual machine with the Kali operating system. The research solution is a test blockchain framework using Hyperledger Fabric. It is made up of an experimental test network made up of nodes on a host virtual machine and is used to validate Ethernet frames extracted from stpverify.