无线局域网中隐身中间人攻击的检测

2012 2nd IEEE International Conference on Parallel, Distributed and Grid Computing Pub Date : 2012-12-01 DOI:10.1109/PDGC.2012.6449834

Vikas Kumar, Sandip Chakraborty, F. Barbhuiya, Sukumar Nandi

{"title":"无线局域网中隐身中间人攻击的检测","authors":"Vikas Kumar, Sandip Chakraborty, F. Barbhuiya, Sukumar Nandi","doi":"10.1109/PDGC.2012.6449834","DOIUrl":null,"url":null,"abstract":"Wireless Local Area Networks (WLANs) are acquiring their hold in all the verticals of life. WLANs have gone through rapid changes with respect to their security standards in near time. Man-in-the-Middle (MITM) attack is one of the most catastrophic attacks in WLAN. Stealth MITM (SMITM) attack is a new way of doing MITM based on Address Resolution Protocol (ARP) poisoning. In this attack, ARP poisoning is done directly to the victim by forging the frame ARP response protocol structure and exploiting WPA2 key management. In this paper we propose a Wireless Intrusion Detection System (WIDS) for SMITM attack. The proposed WIDS successfully detects the SMITM attack and other similar attacks like MITM (using ARP poisoning) and IP Spoofing. The proposed WIDS system is simulated in NS-3 network simulator and the scheme is found to work correctly when the attacker is static and is under the coverage of a single sensor during the complete period of attack.","PeriodicalId":166718,"journal":{"name":"2012 2nd IEEE International Conference on Parallel, Distributed and Grid Computing","volume":"353 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"23","resultStr":"{\"title\":\"Detection of stealth Man-in-the-Middle attack in wireless LAN\",\"authors\":\"Vikas Kumar, Sandip Chakraborty, F. Barbhuiya, Sukumar Nandi\",\"doi\":\"10.1109/PDGC.2012.6449834\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Wireless Local Area Networks (WLANs) are acquiring their hold in all the verticals of life. WLANs have gone through rapid changes with respect to their security standards in near time. Man-in-the-Middle (MITM) attack is one of the most catastrophic attacks in WLAN. Stealth MITM (SMITM) attack is a new way of doing MITM based on Address Resolution Protocol (ARP) poisoning. In this attack, ARP poisoning is done directly to the victim by forging the frame ARP response protocol structure and exploiting WPA2 key management. In this paper we propose a Wireless Intrusion Detection System (WIDS) for SMITM attack. The proposed WIDS successfully detects the SMITM attack and other similar attacks like MITM (using ARP poisoning) and IP Spoofing. The proposed WIDS system is simulated in NS-3 network simulator and the scheme is found to work correctly when the attacker is static and is under the coverage of a single sensor during the complete period of attack.\",\"PeriodicalId\":166718,\"journal\":{\"name\":\"2012 2nd IEEE International Conference on Parallel, Distributed and Grid Computing\",\"volume\":\"353 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"23\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 2nd IEEE International Conference on Parallel, Distributed and Grid Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDGC.2012.6449834\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 2nd IEEE International Conference on Parallel, Distributed and Grid Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDGC.2012.6449834","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 23

摘要

无线局域网(wlan)在生活的各个垂直领域都占有一席之地。近年来，无线局域网的安全标准发生了迅速的变化。中间人攻击(MITM)是WLAN中最具灾难性的攻击之一。隐身MITM (SMITM)攻击是一种基于地址解析协议(ARP)投毒的新型MITM攻击方式。该攻击通过伪造帧ARP响应协议结构，利用WPA2密钥管理，直接对受害者进行ARP中毒。本文提出一种针对SMITM攻击的无线入侵检测系统(WIDS)。提出的WIDS可以成功检测SMITM攻击和其他类似的攻击，如MITM(使用ARP中毒)和IP欺骗。在NS-3网络模拟器上对所提出的WIDS系统进行了仿真，结果表明，当攻击者处于静态状态，并且在整个攻击周期内处于单个传感器覆盖下时，该方案能够正常工作。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Detection of stealth Man-in-the-Middle attack in wireless LAN

Wireless Local Area Networks (WLANs) are acquiring their hold in all the verticals of life. WLANs have gone through rapid changes with respect to their security standards in near time. Man-in-the-Middle (MITM) attack is one of the most catastrophic attacks in WLAN. Stealth MITM (SMITM) attack is a new way of doing MITM based on Address Resolution Protocol (ARP) poisoning. In this attack, ARP poisoning is done directly to the victim by forging the frame ARP response protocol structure and exploiting WPA2 key management. In this paper we propose a Wireless Intrusion Detection System (WIDS) for SMITM attack. The proposed WIDS successfully detects the SMITM attack and other similar attacks like MITM (using ARP poisoning) and IP Spoofing. The proposed WIDS system is simulated in NS-3 network simulator and the scheme is found to work correctly when the attacker is static and is under the coverage of a single sensor during the complete period of attack.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 2nd IEEE International Conference on Parallel, Distributed and Grid Computing

自引率

0.00%

发文量