Proceedings Article, DOI: 10.5220/0007926202440251
A Software-defined Networking-based Detection and Mitigation Approach against KRACK.
Yi Li, Marcos Serrano, Tommy Chin, Kaiqi Xiong, Jing Lin +4 more
- 23 Aug 2019
- pp 244-251
16
TL;DR: A software-defined networking (SDN)-based detection and mitigation framework to defend against KRACK that leverages a characteristic of an SDN controller, its global view of a network, to monitor and manage Wi-Fi network traffic.
Abstract: Most modern Wi-Fi networks are secured by the Wi-Fi Protected Access II (WPA2) protocol, which uses a 4-way handshake. Serious weaknesses have been discovered in this 4-way handshake that allow attackers to perform key reinstallation attacks (KRACKs) within the range of an Access Point (AP) to intercept personal information. In this paper, we study KRACK and present a software-defined networking (SDN)-based detection and mitigation framework to defend against KRACK. The proposed framework leverages a characteristic of an SDN controller, its global view of a network, to monitor and manage Wi-Fi network traffic. It consists of two main components: detection and mitigation modules. Both of them are deployed on the SDN controller. The detection module monitors network traffic and detects the duplicated message 3 of the 4-way handshake. Once KRACK has been detected, the mitigation module updates the flow table to redirect the attack traffic to a splash portal, which is a place to store attack traffic. Extensive experimental results demonstrate that the proposed framework can efficiently detect and mitigate KRACK. We achieve an average of 170.926 ms to detect KRACK and an average of 10.041 ms to mitigate KRACK in our experiments.
Citations
Multi-Channel Man-in-the-Middle attacks against protected Wi-Fi networks: A state of the art review
01 Dec 2022
TL;DR: In this paper, the authors evaluate the capabilities of multi-channel MitM attacks, review every reported attack in the state of the art, highlight the potential research problems, and identify future research approaches in this field.
20
Machine learning assisted snort and zeek in detecting DDoS attacks in software-defined networking
Muyideen Abdulraheem, Idowu Dauda Oladipo, Agbotiname Lucky Imoize, Joseph Bamidele Awotunde, Ghaniyyat Bolanle Balogun, Joshua Oluwatobi Adeoti +5 more
TL;DR: This study proposes a Snort- and Zeek-based model enabled with machine learning (ML) to separate benign traffic from DDoS attack traffic, distinguishing authorized traffic from attack traffic when it is spread across many points of origin.
15
kTRACKER: Passively Tracking KRACK using ML Model
Anand Agrawal, Urbi Chatterjee, Rajib Ranjan Maiti +2 more
- 14 Apr 2022
TL;DR: A state machine model is implemented to detect the KRACK attack by passively monitoring multiple wireless channels; it performs deep packet inspection and uses a grouping algorithm to group Wi-Fi handshake packets and identify the symptoms of KRACK in specific stages of a handshake session.
7
CheckShake: Passively Detecting Anomaly in Wi-Fi Security Handshake using Gradient Boosting based Ensemble Learning
TL;DR: CheckShake as discussed by the authors uses a state machine model for grouping Wi-Fi handshake packets and then performs deep packet inspection to identify the symptoms of the anomaly in specific stages of a handshake session.
6
References
Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges
TL;DR: This work can help to understand how to make full use of SDN's advantages to defeat DDoS attacks in cloud computing environments and how to prevent SDN itself from becoming a victim of DDoS attacks, which are important for the smooth evolution of SDN-based cloud without the distraction of DDoS attacks.
812
A Survey of Machine Learning Techniques Applied to Software Defined Networking (SDN): Research Issues and Challenges
TL;DR: This paper provides a comprehensive survey on the literature involving machine learning algorithms applied to SDN, from the perspective of traffic classification, routing optimization, quality of service/quality of experience prediction, resource management and security.
674
SDN Security: A Survey
Sandra Scott-Hayward, Gemma O'Callaghan, Sakir Sezer +2 more
- 01 Nov 2013
TL;DR: This paper presents a comprehensive survey of the research relating to security in software-defined networking that has been carried out to date, and both the security enhancements to be derived from using the SDN framework and the security challenges introduced by the framework are discussed.
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
Mathy Vanhoef, Frank Piessens +1 more
- 30 Oct 2017
TL;DR: The key reinstallation attack abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key, and forces the client into using a predictable all-zero encryption key.
Enhancing Network Security through Software Defined Networking (SDN)
Seungwon Shin, Lei Xu, Sungmin Hong, Guofei Gu +3 more
- 01 Aug 2016
TL;DR: This systematic survey on SDN security investigates how the new features provided by SDN can help enhance network security and information security process and hopes to provide new insights for future research in this important area.
142