Static and Dynamic 4-Way Handshake Solutions to Avoid Denial of Service Attack in Wi-Fi Protected Access and IEEE 802.11i

This paper focuses on WPA and IEEE 802.11i protocols that represent two important solutions in the wireless environment. Scenarios where it is possible to produce a DoS attack and DoS flooding attacks are outlined. The last phase of the authentication process, represented by the 4-way handshake procedure, is shown to be unsafe from DoS attack. This can produce the undesired effect of memory exhaustion if a flooding DoS attack is conducted. In order to avoid DoS attack without increasing the complexity of wireless mobile devices too much and without changing through some further control fields of the frame structure of wireless security protocols, a solution is found and an extension of WPA and IEEE 802.11 is proposed. A protocol extension with three "static" variants and with a resource-aware dynamic approach is considered. The three enhancements to the standard protocols are achieved through some simple changes on the client side and they are robust against DoS and DoS flooding attack. Advantages introduced by the proposal are validated by simulation campaigns and simulation parameters such as attempted attacks, successful attacks, and CPU load, while the algorithm execution time is evaluated. Simulation results show how the three static solutions avoid memory exhaustion and present a good performance in terms of CPU load and execution time in comparison with the standard WPA and IEEE 802.11i protocols. However, if the mobile device presents different resource availability in terms of CPU and memory or if resource availability significantly changes in time, a dynamic approach that is able to switch among three different modalities could be more suitable

A Distributed Mitigation Strategy against DoS attacks in Edge Computing

Internet of Things (IoT) is a platform where every day devices become smarter, every day processing becomes intelligent, and every day communication becomes informative. Numerous challenges prevent to secure IoT devices and their end-to-end communication in an IoT environment. In fact, the IoT security is still an open challenge. The purpose of this work is to examine a distributed strategy for mitigating Denial of Service (DoS) attacks against the fog node in an edge computing context in which the nodes exchange messages through Message Queue Telemetry Transport (MQTT) protocol. The proposed strategy is based on a dynamic message sending frequency of the lightweight nodes. It is also mitigated data tampering and eavesdropping by using Elliptic Curve Cryptography (ECC)