I. Martinovic, Paul Pichota, M. Wilhelm, Frank A. Zdarsky, J. Schmitt
{"title":"设计、实现和性能分析dissecs -服务包用于保护无线局域网","authors":"I. Martinovic, Paul Pichota, M. Wilhelm, Frank A. Zdarsky, J. Schmitt","doi":"10.1109/WOWMOM.2008.4594831","DOIUrl":null,"url":null,"abstract":"To improve the already tarnished reputation of WLAN security, the new IEEE 802.11i security standard provides means for an enhanced user authentication and strong data confidentiality. However, the standard focuses on securing higher-layer data, i.e., protecting IEEE 802.11 data frames. Management frames used for connection administration are left unprotected and a wide spectrum of known attacks is still applicable and even extended against the IEEE 802.11i/IEEE 802.1Xprotocol execution. This work describes DiscoSec, a service pack for \"patching\" WLANs against the most prominent vulnerabilities resulting in resource-depletion and impersonation attacks. DiscoSec provides DoS-resilient key exchange, an efficient frame authentication, and a performance-oriented implementation. By means of extensive real-world measurements the performance of DiscoSec is evaluated showing that even on very resource-limited devices the throughput is decreased by only 22 % compared to the throughput without any authentication, and by 6% on more powerful hardware. To demonstrate its effectiveness, DiscoSec is available as an open-source WLAN device driver.","PeriodicalId":346269,"journal":{"name":"2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Design, implementation, and performance analysis of DiscoSec — Service pack for securing WLANs\",\"authors\":\"I. Martinovic, Paul Pichota, M. Wilhelm, Frank A. Zdarsky, J. Schmitt\",\"doi\":\"10.1109/WOWMOM.2008.4594831\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To improve the already tarnished reputation of WLAN security, the new IEEE 802.11i security standard provides means for an enhanced user authentication and strong data confidentiality. However, the standard focuses on securing higher-layer data, i.e., protecting IEEE 802.11 data frames. Management frames used for connection administration are left unprotected and a wide spectrum of known attacks is still applicable and even extended against the IEEE 802.11i/IEEE 802.1Xprotocol execution. This work describes DiscoSec, a service pack for \\\"patching\\\" WLANs against the most prominent vulnerabilities resulting in resource-depletion and impersonation attacks. DiscoSec provides DoS-resilient key exchange, an efficient frame authentication, and a performance-oriented implementation. By means of extensive real-world measurements the performance of DiscoSec is evaluated showing that even on very resource-limited devices the throughput is decreased by only 22 % compared to the throughput without any authentication, and by 6% on more powerful hardware. To demonstrate its effectiveness, DiscoSec is available as an open-source WLAN device driver.\",\"PeriodicalId\":346269,\"journal\":{\"name\":\"2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-06-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WOWMOM.2008.4594831\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WOWMOM.2008.4594831","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Design, implementation, and performance analysis of DiscoSec — Service pack for securing WLANs
To improve the already tarnished reputation of WLAN security, the new IEEE 802.11i security standard provides means for an enhanced user authentication and strong data confidentiality. However, the standard focuses on securing higher-layer data, i.e., protecting IEEE 802.11 data frames. Management frames used for connection administration are left unprotected and a wide spectrum of known attacks is still applicable and even extended against the IEEE 802.11i/IEEE 802.1Xprotocol execution. This work describes DiscoSec, a service pack for "patching" WLANs against the most prominent vulnerabilities resulting in resource-depletion and impersonation attacks. DiscoSec provides DoS-resilient key exchange, an efficient frame authentication, and a performance-oriented implementation. By means of extensive real-world measurements the performance of DiscoSec is evaluated showing that even on very resource-limited devices the throughput is decreased by only 22 % compared to the throughput without any authentication, and by 6% on more powerful hardware. To demonstrate its effectiveness, DiscoSec is available as an open-source WLAN device driver.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
