Survey of Media Access Control address spoofing attacks detection and prevention techniques in wireless networks

E. Letsoalo, S. Ojo
{"title":"Survey of Media Access Control address spoofing attacks detection and prevention techniques in wireless networks","authors":"E. Letsoalo, S. Ojo","doi":"10.1109/ISTAFRICA.2016.7530589","DOIUrl":null,"url":null,"abstract":"Wireless networks are used to access many services such as Internet banking, e-commerce, eHealth, and from many more systems that relay sensitive information. To connect to a wireless network a user needs to be authenticated by and be associated with an access point. Management frames and control frames are used for authentication, association and giving a user access to the wireless network. Management frames and control frames are sent in clear text and can expose the wireless network to security attacks such as media access control spoofing and session hijacking attacks. An attacker with the packet sniffer software can intercept packets and extract Media Access Control addresses of the access point or other users. MAC address is used to associate a client with the access point in wireless networks. An attacker can use a spoofed Media Access Control address of the real access point to disconnect the legitimate users from the network and takeover any existing TCP session that has already been established. Since the legitimate user is already authenticated in the network, an attacker with the spoofed MAC address will not require authentication. Such an exploitation of a valid computer session to gain unauthorized access to information or services through a network is referred to as session hijacking attack. There are proposed methods for dealing with MAC address spoofing. Some methods produce lots of false positives and false negatives while others require a lot of infrastructural overhead as well as computational overhead. In this study some of the existing MAC addresses spoofing detection and prevention methods are reviewed, with strengths and weaknesses analysed. Factors considered in the analysis include reliability and robustness of the methods, and performance in terms of computational overhead and efficiency.","PeriodicalId":326074,"journal":{"name":"2016 IST-Africa Week Conference","volume":"105 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IST-Africa Week Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISTAFRICA.2016.7530589","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5

Abstract

Wireless networks are used to access many services such as Internet banking, e-commerce, eHealth, and from many more systems that relay sensitive information. To connect to a wireless network a user needs to be authenticated by and be associated with an access point. Management frames and control frames are used for authentication, association and giving a user access to the wireless network. Management frames and control frames are sent in clear text and can expose the wireless network to security attacks such as media access control spoofing and session hijacking attacks. An attacker with the packet sniffer software can intercept packets and extract Media Access Control addresses of the access point or other users. MAC address is used to associate a client with the access point in wireless networks. An attacker can use a spoofed Media Access Control address of the real access point to disconnect the legitimate users from the network and takeover any existing TCP session that has already been established. Since the legitimate user is already authenticated in the network, an attacker with the spoofed MAC address will not require authentication. Such an exploitation of a valid computer session to gain unauthorized access to information or services through a network is referred to as session hijacking attack. There are proposed methods for dealing with MAC address spoofing. Some methods produce lots of false positives and false negatives while others require a lot of infrastructural overhead as well as computational overhead. In this study some of the existing MAC addresses spoofing detection and prevention methods are reviewed, with strengths and weaknesses analysed. Factors considered in the analysis include reliability and robustness of the methods, and performance in terms of computational overhead and efficiency.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
无线网络中媒体访问控制地址欺骗攻击检测与预防技术综述
无线网络被用来访问许多服务,如互联网银行、电子商务、电子健康,以及从更多传递敏感信息的系统访问。要连接到无线网络,用户需要通过接入点进行身份验证并与接入点相关联。管理帧和控制帧用于身份验证、关联和授予用户对无线网络的访问权限。管理帧和控制帧以明文形式发送,会使无线网络暴露在媒体访问控制欺骗和会话劫持攻击等安全攻击之下。利用数据包嗅探软件,攻击者可以拦截数据包并提取接入点或其他用户的媒体访问控制地址。MAC地址用于无线网络中客户端与接入点之间的关联。攻击者可以使用欺骗的真实接入点的媒体访问控制地址来断开合法用户与网络的连接,并接管已经建立的任何现有TCP会话。由于合法用户已经在网络中进行了身份验证,因此使用欺骗MAC地址的攻击者不需要身份验证。这种利用有效的计算机会话通过网络获得对信息或服务的未经授权的访问被称为会话劫持攻击。提出了处理MAC地址欺骗的方法。有些方法会产生大量的假阳性和假阴性,而另一些方法则需要大量的基础设施开销和计算开销。本文对现有的MAC地址欺骗检测和预防方法进行了综述,并分析了其优缺点。分析中考虑的因素包括方法的可靠性和鲁棒性,以及计算开销和效率方面的性能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
ICT adoption and use in Zimbabwean SMEs A security algorithm for wireless sensor networks in the Internet of Things paradigm The extent to which the POPI act makes provision for patient privacy in mobile personal health record systems Prototyping Smart City applications over large scale M2M testbed Sustainable cooperative distance learning system for education in developing countries
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1