Wireless local area network management frame denial- of-service attack detection and mitigation schemes

Wireless Local Area Networks (WLAN) are increasingly deployed and in widespread use worldwide due to its convenience and low cost. However, due to the broadcasting and the shared nature of the wireless medium, WLANs are vulnerable to a myriad of attacks. Although there have been concerted efforts to improve the security of wireless networks over the past years, some attacks remain inevitable. Attackers are capable of sending fake de-authentication or disassociation frames to terminate the session of active users; thereby leading to denial of service, stolen passwords, or leakage of sensitive information amongst many other cybercrimes. The detection of such attacks is crucial in today's critical applications. Many security mechanisms have been proposed to effectively detect these issues, however, they have been found to suffer limitations which have resulted in several potential areas of research. This thesis aims to address the detection of resource exhaustion and masquerading DoS attacks problems, and to construct several schemes that are capable of distinguishing between benign and fake management frames through the identification of normal behavior of the wireless stations before sending any authentication and de-authentication frames. Thus, this thesis proposed three schemes for the detection of resource exhaustion and masquerading DoS attacks. The first scheme was a resource exhaustion DoS attacks detection scheme, while the second was a de- authentication and disassociation detection scheme. The third scheme was to improve the detection rate of the de-authentication and disassociation detection scheme using feature derived from an unsupervised method for an increased detection rate. The effectiveness of the performance of the proposed schemes was measured in terms of detection accuracy under sophisticated attack scenarios. Similarly, the efficiency of the proposed schemes was measured in terms of preserving the resources of the access point such as memory consumptions and processing time. The validation and analysis were done through experimentation, and the results showed that the schemes have the ability to protect wireless infrastructure networks against denial of service attacks

Resource Exhaustion Attack Detection Scheme for WLAN Using Artificial Neural Network

IEEE 802.11 Wi-Fi networks are prone to many denial of service (DoS) attacks due to vulnerabilities at the media access control (MAC) layer of the 802.11 protocol. Due to the data transmission nature of the wireless local area network (WLAN) through radio waves, its communication is exposed to the possibility of being attacked by illegitimate users. Moreover, the security design of the wireless structure is vulnerable to versatile attacks. For example, the attacker can imitate genuine features, rendering classification-based methods inaccurate in differentiating between real and false messages. Although many security standards have been proposed over the last decades to overcome many wireless network attacks, effectively detecting such attacks is crucial in today’s real-world applications. This paper presents a novel resource exhaustion attack detection scheme (READS) to detect resource exhaustion attacks effectively. The proposed scheme can differentiate between the genuine and fake management frames in the early stages of the attack such that access points can effectively mitigate the consequences of the attack. The scheme is built through learning from clustered samples using artificial neural networks to identify the genuine and rogue resource exhaustion management frames effectively and efficiently in the WLAN. The proposed scheme consists of four modules which make it capable to alleviates the attack impact more effectively than the related work. The experimental results show the effectiveness of the proposed technique by gaining an 89.11% improvement compared to the existing works in terms of detection

Detection and prevention of denial of service attacks (DOS) in WLANs infrastructure

Wireless networks are very common today because of their flexibi lity, portability and ease of installation. Users working through wireless connections have to be aware o f the environments due to the vulnerability of the infrastructure and various types of attacks that can be made by the intruders to compromise valuable and critical data. Denial of Service attack (DOS) is t he most significant attack in the wireless 802.11 WLANs. Wired Equivalent Privacy (WEP) and Wi-Fi Protecte d Access (WPA) security protocols are used to protect wireless network infrastructure against intrude rs. Despite remarkable advances, both WEP and WPA protocols still suffer from DOS attack because their management and control frame is not encrypted. Integrated Central Manager (ICM) algorithm was proposed to de tect and prevent DOS attacks. However, in ICM, time needed to detect DOS attack is too long. The alg orithm maintains five tables for observing activities in the network. When a client requests for a conne ction, all the five tables needs to be processed; this is increases both network overhead and latency. In This pa per, we proposed an algorithm called Enhanced Integrated Central Manager (EICM) to enhance DOS dete ction and prevention time. The algorithm was evaluated by gathering MAC addresses using Wire shark software and MATLAB was used for simulation. The obtained results demonstrate that that the proposed algorithm outperforms its predecessor in terms of DOS detection and prevention time by decr easing network overhead

Deauthentication and disassociation detection and mitigation scheme using artificial neural network

Wireless local area networks (WLAN) are increasingly deployed and widespread worldwide due to the convenience and the low cost that characterized it. However, due to the broadcasting and the shared nature of the wireless medium, WLANs are vulnerable to many kinds of attacks. Although there are many efforts to improve the security of a wireless network, some attacks are inevitable. Attackers can send fake de-authentication or disassociation frames to end the session a victim leading to a denial of service, stolen passwords, and leaks of sensitive information among many other cybercrimes. Effectively detecting such attacks is crucial in today’s critical applications. However, the extant security standards are vulnerable to such an attack, and it is still an open research problem. In this paper, a scheme called D3MS is proposed to detect and mitigate de-authentication and disassociation attack effectively. The aim is to construct a model that can distinguish between benign and fake frames by recognizing the normal behavior of the wireless station before sending the authentication and de-authentication frames. The hypothesis is that the emulating the normal behavior of a benign station prior to the authentication and de-authentication attack is useless. The experimentation results showed the effectiveness of the proposed detection technique. The proposed scheme has improved the detection performance by 64.4% comparing to the related work

The CSFs from the Perspective of Users in Achieving ERP System Implementation and Post-Implementation Success: A Case of Saudi Arabian Food Industry

Enterprise resource planning (ERP) systems have a major impact on the functioning of organizations and the development of business strategy. However, one of the main reasons that cause failure in ERP implementations to achieve the expected benefits is that the system is not fully accepted by end users. User rejection of the system is the second reason after time and budget overrun, while the fourth barrier to ERP post-implementation. Most studies have focused on ERP adoption and installation while neglecting post-implementation evaluation, which omits insights into the priority of ERP systems and CSFs from the stance of ERP users. Therefore, this study identified factors that led to user acceptance of the use of ERP systems at both implementation and post-implementation stages (after installation). In addition, this study assessed the interrelationship between the factors and the most influential factors toward user acceptance. A survey was conducted among pioneers of the food industry in Saudi Arabia, which included 144 ERP system users from assembly and manufacturing, accounts, human resources, warehouse, and sales departments. The descriptive-analytical approach was deployed in this study. As a result, project management, top management support, and user training had significant impacts on the efficacy of ERP system implementation. On the contrary, support for technological changes in new software and hardware, managing changes in systems, procedures, and work steps already in place within the organization, as well as user interfaces and custom code, displayed a direct impact on user acceptance of ERP systems post-implementation. This study is the first research that provides a rating of CSFs from the perspective of its users in Saudi Arabia. It also enables decision makers of food industries to better assess the project risks, implement risk-mitigation methods, create appropriate intervention techniques to discover the strengths and limitations of the ERP users, and value the “best of fit” solutions over “best practice” solutions when determining the most appropriate option for food industries

The CSFs from the Perspective of Users in Achieving ERP System Implementation and Post-Implementation Success: A Case of Saudi Arabian Food Industry

Enterprise resource planning (ERP) systems have a major impact on the functioning of organizations and the development of business strategy. However, one of the main reasons that cause failure in ERP implementations to achieve the expected benefits is that the system is not fully accepted by end users. User rejection of the system is the second reason after time and budget overrun, while the fourth barrier to ERP post-implementation. Most studies have focused on ERP adoption and installation while neglecting post-implementation evaluation, which omits insights into the priority of ERP systems and CSFs from the stance of ERP users. Therefore, this study identified factors that led to user acceptance of the use of ERP systems at both implementation and post-implementation stages (after installation). In addition, this study assessed the interrelationship between the factors and the most influential factors toward user acceptance. A survey was conducted among pioneers of the food industry in Saudi Arabia, which included 144 ERP system users from assembly and manufacturing, accounts, human resources, warehouse, and sales departments. The descriptive-analytical approach was deployed in this study. As a result, project management, top management support, and user training had significant impacts on the efficacy of ERP system implementation. On the contrary, support for technological changes in new software and hardware, managing changes in systems, procedures, and work steps already in place within the organization, as well as user interfaces and custom code, displayed a direct impact on user acceptance of ERP systems post-implementation. This study is the first research that provides a rating of CSFs from the perspective of its users in Saudi Arabia. It also enables decision makers of food industries to better assess the project risks, implement risk-mitigation methods, create appropriate intervention techniques to discover the strengths and limitations of the ERP users, and value the “best of fit” solutions over “best practice” solutions when determining the most appropriate option for food industries

Impact of early estimation of statistical flow features in on-line P2P classification

Managing high-bandwidth application traffic through identification of bandwidth-heavy Internet traffic is important for network administration. classification based on statistical flow features was proven as an encouraging method for identifying Internet traffic. Early estimation of statistical flow features from first n packets still plays an essential role in accurate and timely traffic classification. In this work, we investigate the impact of early estimation of statistical flow features for on-line P2P classification in terms of accuracy, Kappa statistic and classification time. Simulations were conducted using available traces from the University of Brescia. Results illustrate the early statistical flow features estimation for gives the most significant accuracy and efficiency to detect P2P traffic

Edge computing intelligence using robust feature selection for network traffic classification in internet-of-things

Internet-of-Things (IoT) devices are massively interconnected, which generates a massive amount of network traffic. The concept of edge computing brings a new paradigm to monitor and manage network traffic at the network's edge. Network traffic classification is a critical task to monitor and identify Internet traffic. Recent traffic classification works suggested using statistical flow features to classify network traffic accurately using machine learning techniques. The selected classification features must be stable and can work across different spatial and temporal heterogeneity. This paper proposes a feature selection mechanism called Ensemble Weight Approach (EWA) for selecting significant features for Internet traffic classification based on multi-criterion ranking and selection mechanisms. Extensive simulations have been conducted using publicly-available traces from the University of Cambridge. The simulation results demonstrate that EWA is capable of identifying stable features subset for Internet traffic identification. EWA-selected features improve the mean accuracy up to 1.3% and reduce RMSE using fewer features than other feature selection methods. The smaller number of features directly contributes to shorter classification time. Furthermore, the selected features can train stable traffic classification generative models irrespective of the dataset's spatial and temporal differences, with consistent accuracy up to 97%. The overall performance indicates that EWA-selected statistical flow features can improve the overall traffic classification