A Novel WLAN Client Puzzle against DoS Attack Based on Pattern Matching

Despite the popularity of 802.11 based networks, they suffer several types of DoS attack, launched by an attacker whose aim is to make an access point (AP) unavailable to legitimate users. One of the most common DoS attacks on 802.11 based networks is to deplete the resources of the AP. A serious situation like this can occur when the AP receives a burst of connection requests. This paper addresses this common DoS attack and proposes a lightweight puzzle, based on pattern-matching. Using a pattern-matching technique, this model adequately resists resource-depletion attacks in terms of both puzzle generation and solution verification. Using a sensible series of contextual comparisons, the outcomes were modelled by a simulator, and the security definition and proofs are verified, among other results.

[1]  Pekka Nikander,et al.  DOS-Resistant Authentication with Client Puzzles , 2000, Security Protocols Workshop.

[2]  Mazdak Zamani,et al.  Detecting and preventing DDoS attacks in botnets by the help of self triggered black holes , 2014, 2014 Asia-Pacific Conference on Computer Aided System Engineering (APCASE).

[3]  Brent Waters,et al.  New client puzzle outsourcing techniques for DoS resistance , 2004, CCS '04.

[4]  M. Janbeglou,et al.  Redirecting network traffic toward a fake DNS server on a LAN , 2010, 2010 3rd International Conference on Computer Science and Information Technology.

[5]  Dennis Hofheinz,et al.  Simulatable security and polynomially bounded concurrent composability , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[6]  Martin Mauve,et al.  Counter-Flooding: DoS Protection for Public Key Handshakes in LANs , 2009, 2009 Fifth International Conference on Networking and Services.

[7]  Moni Naor,et al.  On Memory-Bound Functions for Fighting Spam , 2003, CRYPTO.

[8]  Mazdak Zamani,et al.  UltiMatch-NL: A Web Service Matchmaker Based on Multiple Semantic Filters , 2014, PloS one.

[9]  Mojtaba Alizadeh,et al.  Energy Efficient Routing in Wireless Sensor Networks Based on Fuzzy Ant Colony Optimization , 2014, Int. J. Distributed Sens. Networks.

[10]  Mazdak Zamani,et al.  Security Threats in Online Social Networks , 2013, 2013 International Conference on Informatics and Creative Multimedia.

[11]  Mazdak Zamani,et al.  Improving the security of protected wireless internet access from insider attacks , 2012 .

[12]  Qiang Tang,et al.  On Non-Parallelizable Deterministic Client Puzzle Scheme with Batch Verification Modes , 2010 .

[13]  Hamid Mousavi,et al.  A Novel Proof of Work Model Based on Pattern Matching to Prevent DoS Attack , 2011, DICTAP.

[14]  Yudong Zhang,et al.  A Novel Global Optimization Method – Genetic Pattern Search , 2010 .

[15]  Stefan Savage,et al.  802.11 Denial-of-Service Attacks: Real Vulnerabilities and Practical Solutions , 2003, USENIX Security Symposium.

[16]  Nick C Fox,et al.  Gene-Wide Analysis Detects Two New Susceptibility Genes for Alzheimer's Disease , 2014, PLoS ONE.

[17]  Mazdak Zamani,et al.  Performance Analysis in Reactive Routing Protocols in Wireless Mobile Ad Hoc Networks Using DSR, AODV and AOMDV , 2013, 2013 International Conference on Informatics and Creative Multimedia.

[18]  M. Zamani,et al.  Code analysis of lightweight encryption algorithms using in RFID systems to improve cipher performance , 2012, 2012 IEEE Conference on Open Systems.

[19]  Chung-Hsin Liu,et al.  The Analysis for DoS and DDoS Attacks of WLAN , 2010, 2010 Second International Conference on Multimedia and Information Technology.

[20]  Mazdak Zamani,et al.  A Taxonomy of SQL Injection Detection and Prevention Techniques , 2013, 2013 International Conference on Informatics and Creative Multimedia.

[21]  Mazdak Zamani,et al.  A Novel Approach for Rogue Access Point Detection on the Client-Side , 2012, 2012 26th International Conference on Advanced Information Networking and Applications Workshops.

[22]  Mojtaba Alizadeh,et al.  Trusted Computing Strengthens Cloud Authentication , 2014, TheScientificWorldJournal.

[23]  Mojtaba Alizadeh,et al.  Implementation and evaluation of lightweight encryption algorithms suitable for RFID , 2013 .

[24]  Bogdan Warinschi,et al.  Cryptographic puzzles and DoS resilience, revisited , 2014, Des. Codes Cryptogr..

[25]  Mazdak Zamani,et al.  A Taxonomy of SQL Injection Attacks , 2013, 2013 International Conference on Informatics and Creative Multimedia.

[26]  Honarbakhsh Shohreh,et al.  Dynamic Monitoring in Ad Hoc Network , 2012 .

[27]  John Langford,et al.  CAPTCHA: Using Hard AI Problems for Security , 2003, EUROCRYPT.

[28]  Azizah Abdul Manaf,et al.  Enhancing key management of ZigBee network by steganography method , 2013, 2013 Second International Conference on Informatics & Applications (ICIA).

[29]  David S. H. Rosenthal On The Cost Distribution of a Memory Bound Function , 2003, ArXiv.

[30]  Bülent Tavli,et al.  Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks , 2009, Comput. Stand. Interfaces.

[31]  Udo W. Pooch,et al.  A secure dynamic cryptographic and encryption protocol for wireless networks , 2009, IEEE EUROCON 2009.

[32]  Mazdak Zamani,et al.  SQL Injection Is Still Alive: A Study on SQL Injection Signature Evasion Techniques , 2013, 2013 International Conference on Informatics and Creative Multimedia.

[33]  Lin Gao,et al.  A new client-puzzle based DoS-resistant scheme of IEEE 802.11i wireless authentication protocol , 2010, 2010 3rd International Conference on Biomedical Engineering and Informatics.

[34]  Mazdak Zamani,et al.  Redirecting outgoing DNS requests toward a fake DNS server in a LAN , 2010, 2010 IEEE International Conference on Software Engineering and Service Sciences.

[35]  Colin Boyd,et al.  Toward Non-parallelizable Client Puzzles , 2007, CANS.

[36]  Colin Boyd,et al.  Practical client puzzles in the standard model , 2012, ASIACCS '12.

[37]  Victor Shoup,et al.  Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[38]  Taieb Znati,et al.  A Guided Tour Puzzle for Denial of Service Prevention , 2009, 2009 Annual Computer Security Applications Conference.

[39]  Farzad Kiani,et al.  Efficient Intelligent Energy Routing Protocol in Wireless Sensor Networks , 2015, Int. J. Distributed Sens. Networks.

[40]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[41]  Mazdak Zamani,et al.  An access control framework in an ad hoc network infrastructure , 2015 .

[42]  Mazdak Zamani,et al.  A survey on security issues of federated identity in the cloud computing , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[43]  Alejandro Quintero,et al.  Client Puzzles Based on Quasi Partial Collisions Against DoS Attacks in UMTS , 2006, IEEE Vehicular Technology Conference.

[44]  Mazdak Zamani,et al.  A confidential RFID model to prevent unauthorized access , 2011, 2011 5th International Conference on Application of Information and Communication Technologies (AICT).

[45]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[46]  Colin Boyd,et al.  Efficient Modular Exponentiation-Based Puzzles for Denial-of-Service Protection , 2011, ICISC.

[47]  Fabian Monrose,et al.  Efficient Memory Bound Puzzles Using Pattern Databases , 2006, ACNS.

[48]  Ralph C. Merkle,et al.  Secure communications over insecure channels , 1978, CACM.

[49]  Yudong Zhang,et al.  Genetic Pattern Search and Its Application to Brain Image Classification , 2013 .

[50]  Michael Walfish,et al.  DDoS defense by offense , 2006, SIGCOMM 2006.

[51]  Wu-chi Feng,et al.  Design and implementation of network puzzles , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[52]  Martin Mauve,et al.  Secure Client Puzzles Based on Random Beacons , 2012, Networking.

[53]  Mazdak Zamani,et al.  SQL injection vulnerability general patch using header sanitization , 2014, 2014 International Conference on Computer, Communications, and Control Technology (I4CT).

[54]  Shi Ting,et al.  Design and analysis of a wireless authentication protocol against DoS attacks based on Hash function , 2006 .

[55]  Ivan Martinovic,et al.  Wireless client puzzles in IEEE 802.11 networks: security by wireless , 2008, WiSec '08.

[56]  Suriayati Chuprat,et al.  Zero-delay FPGA-based odd-even sorting network , 2013, 2013 IEEE Symposium on Computers & Informatics (ISCI).

[57]  Hossein Rouhani Zeidanloo,et al.  Botnet detection based on traffic monitoring , 2010, 2010 International Conference on Networking and Information Technology.

[58]  Yudong Zhang,et al.  Remote-Sensing Image Classification Based on an Improved Probabilistic Neural Network , 2009, Sensors.

[59]  Jacques Patarin,et al.  Benes and Butterfly Schemes Revisited , 2005, ICISC.

[60]  Heba Kamal Aslan,et al.  WiMax Security , 2008, 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008).

[61]  Guevara Noubir,et al.  Robust wireless communication in adversarial settings , 2011 .

[62]  Xiaoping Li,et al.  Quadratic Residue Based Client Puzzle Distributed by Beacon Frame in DoS-Resistant Wireless Access Authentication , 2011 .

[63]  Bogdan Warinschi,et al.  Security Notions and Generic Constructions for Client Puzzles , 2009, ASIACRYPT.

[64]  Colin Boyd,et al.  Stronger Difficulty Notions for Client Puzzles and Denial-of-Service-Resistant Protocols , 2011, CT-RSA.

[65]  Adam Back,et al.  Hashcash - A Denial of Service Counter-Measure , 2002 .

[66]  Hossein Rouhani Zeidanloo,et al.  A taxonomy of Botnet detection techniques , 2010, 2010 3rd International Conference on Computer Science and Information Technology.

[67]  YuDong Zhang,et al.  Pattern Recognition via PCNN and Tsallis Entropy , 2008, Sensors.