Design of Cyberwar Laboratory Exercises to Implement Common Security Attacks against IEEE 802.11 Wireless Networks

In wireless network communications, radio waves travel through free space; hence, the information reaches any receiving point with appropriate radio receivers. This aspect makes the wireless networks vulnerable to various types of attacks. A true understanding of these attacks provides better ability to defend the network against the attacks, thus eliminating potential threats from the wireless systems. This work presents a series of cyberwar laboratory exercises that are designed for IEEE 802.11 wireless networks security courses. The exercises expose different aspects of violations in security such as confidentiality, privacy, availability, and integrity. The types of attacks include traffic analysis, rogue access point, MAC filtering, replay, man-in-themiddle, and denial of service attacks. For each exercise, the materials are presented as open-source tools along with descriptions of the respective methods, procedures, and penetration techniques.

[1]  Paul J. Wagner,et al.  Designing and implementing a cyberwar laboratory exercise for a computer security course , 2004, SIGCSE '04.

[2]  Levente Buttyán,et al.  Security analysis of reliable transport layer protocols for wireless sensor networks , 2010, 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops).

[3]  Xiaohong YUAN,et al.  A Visualization Tool for Wireless Network Attacks , 2008 .

[4]  Vallipuram Muthukkumarasamy,et al.  802.11 DCF Denial of Service Vulnerabilities , 2005, Australian Computer, Network & Information Forensics Conference.

[5]  Srinivas Sampalli,et al.  Detection of Spoofed MAC Addresses in 802.11 Wireless Networks , 2007, ICETE.

[6]  Hyunuk Hwang,et al.  A Study on MITM (Man in the Middle) Vulnerability in Wireless Network Using 802.1X and EAP , 2008, 2008 International Conference on Information Science and Security (ICISS 2008).

[7]  Xiaohong Yuan,et al.  Laboratory design for wireless network attacks , 2008, InfoSecCD2008 2008.

[8]  Richard Han,et al.  Solutions to Security and Privacy Issues in Mobile Social Networking , 2009, 2009 International Conference on Computational Science and Engineering.

[9]  Udo Payer,et al.  Combating Wireless LAN MAC-layer Address Spoofing with Fingerprinting Methods , 2009, Int. J. Netw. Secur..

[10]  Abderrahmane Lakas,et al.  Analysis of the effect of security on data and voice traffic in WLAN , 2007, Comput. Commun..

[11]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[12]  S. Srilasak,et al.  Integrated Wireless Rogue Access Point Detection and Counterattack System , 2008, 2008 International Conference on Information Security and Assurance (isa 2008).

[13]  Prabhaker Mateti A laboratory-based course on internet security , 2003, SIGCSE.

[14]  M.A. Khan,et al.  Pseudo Random Number Based authentication to counter denial of service attacks on 802.11 , 2008, 2008 5th IFIP International Conference on Wireless and Optical Communications Networks (WOCN '08).

[15]  José Carlos Brustoloni Laboratory experiments for network security instruction , 2006, JERC.

[16]  Xu Ji,et al.  Location Privacy against Traffic Analysis Attacks in Wireless Sensor Networks , 2010, 2010 International Conference on Information Science and Applications.

[17]  Meikang Qiu,et al.  Jamming ACK Attack to Wireless Networks and a Mitigation Approach , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[18]  S Vinjosh Reddy,et al.  Wireless hacking - a WiFi hack by cracking WEP , 2010, 2010 2nd International Conference on Education Technology and Computer.

[19]  Udo W. Pooch,et al.  Using an isolated network laboratory to teach advanced networks and security , 2001, SIGCSE '01.

[20]  Bülent Tavli,et al.  Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks , 2009, Comput. Stand. Interfaces.

[21]  T. Andrew Yang,et al.  Wireless LAN security and laboratory designs , 2004 .

[22]  G. Padmavathi,et al.  A Survey of Attacks, Security Mechanisms and Challenges in Wireless Sensor Networks , 2009, ArXiv.

[23]  Vallipuram Muthukkumarasamy,et al.  Detecting Man-in-the-Middle and Wormhole Attacks in Wireless Mesh Networks , 2009, 2009 International Conference on Advanced Information Networking and Applications.

[24]  Abderrahim Benslimane,et al.  Impacts and solutions of control packets vulnerabilities with IEEE 802.11 MAC , 2009, Wirel. Commun. Mob. Comput..