Deauthentication and Disassociation Detection and Mitigation Scheme Using Artificial Neural Network

Wireless local area networks (WLAN) are increasingly deployed and widespread worldwide due to the convenience and the low cost that characterized it. However, due to the broadcasting and the shared nature of the wireless medium, WLANs are vulnerable to many kinds of attacks. Although there are many efforts to improve the security of a wireless network, some attacks are inevitable. Attackers can send fake de-authentication or disassociation frames to end the session a victim leading to a denial of service, stolen passwords, and leaks of sensitive information among many other cybercrimes. Effectively detecting such attacks is crucial in today’s critical applications. However, the extant security standards are vulnerable to such an attack, and it is still an open research problem. In this paper, a scheme called D3MS is proposed to detect and mitigate de-authentication and disassociation attack effectively. The aim is to construct a model that can distinguish between benign and fake frames by recognizing the normal behavior of the wireless station before sending the authentication and de-authentication frames. The hypothesis is that the emulating the normal behavior of a benign station prior to the authentication and de-authentication attack is useless. The experimentation results showed the effectiveness of the proposed detection technique. The proposed scheme has improved the detection performance by 64.4% comparing to the related work.

[1]  Elaine M. Newton,et al.  Supplemental Information for the Interagency Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity , 2015 .

[2]  Lucia Lo Bello,et al.  Recent Advances and Trends in On-Board Embedded and Networked Automotive Systems , 2019, IEEE Transactions on Industrial Informatics.

[3]  Arash Habibi Lashkari,et al.  A survey on wireless security protocols (WEP, WPA and WPA2/802.11i) , 2009, 2009 2nd IEEE International Conference on Computer Science and Information Technology.

[4]  Jeich Mar,et al.  An ANFIS-IDS against deauthentication DOS attacks for a WLAN , 2010, 2010 International Symposium On Information Theory & Its Applications.

[5]  Sheila E. Frankel,et al.  Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i , 2007 .

[6]  L. Arockiam,et al.  FRAMEWORK TO DETECT AND PREVENT MEDIUM ACCESS CONTROL LAYER DENIAL OF SERVICE ATTACKS IN WLAN , 2013 .

[7]  Dejan Simic,et al.  A Survey of Wireless Security , 2007, J. Comput. Inf. Technol..

[8]  Anand R. Prasad,et al.  Fast authentication methods for handovers between IEEE 802.11 wireless LANs , 2004, WMASH '04.

[9]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[10]  Sudip Misra,et al.  Sensors, Cloud, and Fog : The Enabling Technologies for the Internet of Things , 2019 .

[11]  Tzi-cker Chiueh,et al.  Sequence Number-Based MAC Address Spoof Detection , 2005, RAID.

[12]  Giovanni Pau,et al.  Co-operative downloading in vehicular ad-hoc wireless networks , 2005, Second Annual Conference on Wireless On-demand Network Systems and Services.

[13]  S.A. Khan,et al.  Pseudo Randomized Sequence Number Based Solution to 802.11 Disassociation Denial of Service Attack , 2006, 2006 Proceedings of the First Mobile Computing and Wireless Communication International Conference.

[14]  Ahmed Ahmim,et al.  Privacy-Preserving Schemes for Ad Hoc Social Networks: A Survey , 2016, IEEE Communications Surveys & Tutorials.

[15]  José Carlos Brustoloni,et al.  Detecting and Blocking Unauthorized Access in Wi-Fi Networks , 2004, NETWORKING.

[16]  Kemal Bicakci,et al.  Pushing the Limits of Address Based Authentication: How to Avoid MAC Address Spoofing in Wireless LANs , 2008 .

[17]  Joshua Wright,et al.  Detecting Wireless LAN MAC Address Spoofing , 2003 .

[18]  Teek Parval Sharma,et al.  On the IEEE 802.11i security: a denial-of-service perspective , 2015, Secur. Commun. Networks.

[19]  Hassan B. Kazemian,et al.  Identification of probe request attacks in WLANs using neural networks , 2013, Neural Computing and Applications.

[20]  Parthasarathy Ranganathan,et al.  The Datacenter as a Computer: Designing Warehouse-Scale Machines, Third Edition , 2018, The Datacenter as a Computer.

[21]  Balasubramaniam Srinivasan,et al.  Analysis and Improvements over DoS Attacks against IEEE 802.11i Standard , 2010, 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing.

[22]  John Ioannidis,et al.  A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP) , 2004, TSEC.

[23]  Paramvir Bahl,et al.  RADAR: an in-building RF-based user location and tracking system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[24]  Aiman A. Abu Samra,et al.  Enhancement of Passive MAC Spoofing Detection Techniques , 2010 .

[25]  Rajeev Singh,et al.  Detecting and reducing the denial of Service attacks in WLANs , 2011, 2011 World Congress on Information and Communication Technologies.

[26]  Bülent Tavli,et al.  Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks , 2009, Comput. Stand. Interfaces.

[27]  Nj Piscataway,et al.  Wireless LAN medium access control (MAC) and physical layer (PHY) specifications , 1996 .