Vulnerabilities and security enhancements for the IEEE 802.11 WLANs

This paper first surveys security vulnerabilities of IEEE 802.11 WLANs. Then, two approaches to enhance security are proposed to overcome some known vulnerabilities and thus to provide better data confidentiality and authentication. Finally, simulation methodology is presented, and simulate results are provided. Our studies show that the proposed enhancements provide better data confidentiality with some degree of computing cost as the tradeoff.

[1]  Wenyuan Xu,et al.  Channel surfing and spatial retreats: defenses against wireless denial of service , 2004, WiSe '04.

[2]  William A. Arbaugh,et al.  YOUR 802.11 WIRELESS NETWORK HAS NO CLOTHES , 2001 .

[3]  Songwu Lu,et al.  Securing a Wireless World , 2006, Proceedings of the IEEE.

[4]  William A. Arbaugh,et al.  Real 802.11 Security: Wi-Fi Protected Access and 802.11i , 2003 .

[5]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[6]  William A. Arbaugh,et al.  Your 80211 wireless network has no clothes , 2002, IEEE Wirel. Commun..

[7]  S.A. Khan,et al.  802.11 Disassociation DoS Attack and Its Solutions: A Survey , 2006, 2006 Proceedings of the First Mobile Computing and Wireless Communication International Conference.

[8]  Russell Dean Vines Wireless Security Essentials: Defending Mobile Systems from Data Piracy , 2002 .

[9]  Ronald L. Rivest,et al.  The RC4 encryption algorithm , 1992 .

[10]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[11]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[12]  Ramiro Jordan,et al.  Wireless communications and networking: an overview , 2002 .

[13]  John Ioannidis,et al.  Using the Fluhrer, Mantin, and Shamir Attack to Break WEP , 2002, NDSS.

[14]  David R. Cheriton,et al.  DoS and authentication in wireless public access networks , 2002, WiSE '02.