Using Random Bit Authentication to Defend IEEE 802.11 DoS Attacks

• Main Authors: Hsien-Te Chien, 簡先得
• Other Authors: Wen-Nung Tsai
• Format: Others
• Language: en_US
• Online Access: http://ndltd.ncl.edu.tw/handle/19629260112231311789

碩士 === 國立交通大學 === 理學院碩士在職專班網路學習學程 === 94 === IEEE 802.11 network is prevailing, but the security issue is an important concern. WEP is the security mechanism in 802.11 specification. It has been proved that WEP is vulnerable and easy to be cracked. 802.11i is the enhanced version of security for 802.11 networks. The 802.11i focuses on integrity and confidentiality of transmitting data. The availability of 802.11 network is not considered properly. The management frames of 802.11 are not protected by any key based authentication. It causes the 802.11 network vulnerable to Denial of Service attacks. We designed a so called random bit authentication mechanism to defend Denial of Service attacks against 802.11 networks. We replace some unused bits in the MAC header of the 802.11 management frames with some authentication bits. The AP and STA can authenticate each other according to these authentication bits. We also exploited the characteristic of Sequence Number field in MAC header of the 802.11 frames to design an effective mechanism to filter out attacking frames. In our implementation and experiments, it shows that our two-phase filtering mechanism is effective and lightweight to defend IEEE 802.11 Denial of Service attacks.