Open Access
Passive Techniques for Detecting Session Hijacking Attacks in IEEE 802.11 Wireless Networks
Rupinder S. Gill,Jason Smith,Mark Looi,Andrew Clark +3 more
- 01 May 2005
36
TL;DR: Techniques for improving detection of session hijacking attacks that are passive, computationally inexpensive, reliable, and have minimal impact on network performance are presented.
read more
Abstract: Wireless networking technologies based on IEEE 802.11 series of standards are evolving to address many of the security issues that plagued earlier wireless standards. Unfortunately the current standards fail to authenticate management frames and network card addresses, and rely on loosely coupled state machines. This results in serious vulnerabilities that may lead to denial of service, session hijacking, and address masquerading attacks. Until the standards are updated to redress these problems, wireless network deployments must be supported by wireless intrusion detection systems–a challenging and under researched area. This paper presents techniques for improving detection of session hijacking attacks that are passive, computationally inexpensive, reliable, and have minimal impact on network performance. Experimental results are presented to give confidence in the utility of the techniques.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Cyber Security Threats and Vulnerabilities: A Systematic Mapping Study
TL;DR: A systematic mapping study was conducted, and in total, 78 primary studies were identified and analyzed, showing that most of the selected studies in this review targeted only a few common security vulnerabilities such as phishing, denial-of-service and malware.
261
NIS07-5: Security Vulnerabilities in Channel Assignment of Multi-Radio Multi-Channel Wireless Mesh Networks
Anjum Naveed,Salil S. Kanhere +1 more
- 01 Nov 2006
TL;DR: This paper exposes the vulnerabilities in channel assignment algorithms and unveil three new security attacks: Network Endo-Parasite attack (NEPA), Channel Ecto-parasite Attack (CEPA) and low-cost ripple effect attack (LORA).
38
Beacon Frame Spoofing Attack Detection in IEEE 802.11 Networks
A. Martinez,Urko Zurutuza,Roberto Uribeetxeberria,Miguel Fernández,Jesus Lizarraga,A. Serna,I. Velez +6 more
- 04 Mar 2008
TL;DR: A novel method is proposed that identifies the impersonation of certain management frames, which helps to reduce the number of false positives within other existing MAC spoofing detection techniques.
36
•Proceedings Article
Experiences in passively detecting session hijacking attacks in IEEE 802.11 networks
Rupinder S. Gill,Jason Smith,Andrew Clark +2 more
- 01 Jan 2006
TL;DR: Usability, robustness and accuracy of these intrusion detection techniques are explored by applying them to eight distinct test scenarios and a correlation engine is introduced to maintain the false positives and false negatives at a manageable level.
A DOS Attack Intrusion Detection and Inhibition Technique for Wireless Computer Networks
M.M. Salem,Amany Sarhan +1 more
- 01 Jan 2007
TL;DR: A new security technique is proposed that aims to detect the DOS attacks in WLANs and further prevent the detected attackers, in the future, from accessing the network.
References
•Proceedings Article
802.11 denial-of-service attacks: real vulnerabilities and practical solutions
John Bellardo,Stefan Savage +1 more
- 04 Aug 2003
TL;DR: This paper provides an experimental analysis of 802.11-specific attacks - their practicality, their efficacy and potential low-overhead implementation changes to mitigate the underlying vulnerabilities.
Analysis of the 802.11i 4-way handshake
Changhua He,John C. Mitchell +1 more
- 01 Oct 2004
TL;DR: The 4-Way Handshake protocol is analyzed using a finite-state verification tool and a Denial-of-Service attack is found, involving forging initial messages from the authenticator to the supplicant to produce inconsistent keys in peers.
Detecting Wireless LAN MAC Address Spoofing
Joshua Wright
- 01 Jan 2003
TL;DR: The author identifies techniques that can be employed to detect applications that are using spoofed MAC addresses, and suggests that wireless equipment manufacturers could implement anomalybased intrusion detection systems capable of identifying MAC address spoofing to alert administrators of attacks against their networks.
Wireless intrusion detection and response
Y.-X. Lim,T.S. Yer,J. Levine,Henry L. Owen +3 more
- 18 Jun 2003
TL;DR: An overview of the characteristics and functionality required in a Wireless intrusion detection system is presented along with a review and comparison of existing wireless intrusion detection systems and functionalities.
118
Agent based intrusion detection and response system for wireless LANs
M.K. Chirumamilla,Byrav Ramamurthy +1 more
- 11 May 2003
TL;DR: A distributed agent based intrusion detection and response system for wireless LANs that can detect unauthorized wireless elements like access points, wireless clients that are in promiscuous mode etc and react to intrusions by either notifying the concerned personnel, or by blocking unauthorized users from accessing the network resources.
Related Papers (5)
Fanglu Guo,Tzi-cker Chiueh +1 more
- 07 Sep 2005
Song Han,Elizabeth Chang,Li Gao,Tharam S. Dillon +3 more
- 01 Jan 2006