An assessment of vulnerabilities in authentication protocols for IEEE 802.11 wireless networks
Abstract
This paper evaluates security mechanisms of IEEE 802.11 networks. This standard, also called Wi-Fi, is widely used as a device connectivity infrastructure, providing Internet access and creating local area networks. For the evaluation of security mechanisms, dictionary and brute-force attacks are performed to obtain network passwords. The Krack Attack vulnerability is also exploited in order to verify vulnerabilities of Wi-Fi devices. Results show vulnerable devices and networks because of outdated security patches and the use of trivial passwords.
Keywords:
Segurança de redes, IEEE 802.11, Krack Attack
References
Aircrack-ng. Aircrack-ng documentation. https://www.aircrack-ng.org/ documentation.html. Accessed: 2019-02-12.
Bianchi, G. (2000). Performance analysis of the IEEE 802.11 distributed coordination function. IEEE Journal on Selected Areas in Communications, 18(3):535–547.
Campos, A. (2014). Sistema de segurança da informação. São Paulo: VisualBooks, 2 edition.
Chaabouni, R. (2006). Break WEP faster with statistical analysis. Technical report, EPFL, LASEC.
J. F. Kurose e K. W. Ross (2006). Redes de Computadores e a Internet. Pearson.
M. Vanhoef e F. Piessens (2017). Key reinstallation attacks: Forcing nonce reuse in WPA2. In Proceedings of the 2017 ACM SIGSAC Conference on Computer e Communications Security, pages 1313–1328. ACM.
Paim, R. R. (2014). WEP, WPA e EAP. https://www.gta.ufrj.br/ensino/eel879/trabalhos_vf_2011_2/rodrigo_paim/downloads/trabalho.pdf.
Tews, E. (2007). Attacks on the WEP protocol. IACR Cryptology ePrint Archive, 2007:471.
Bianchi, G. (2000). Performance analysis of the IEEE 802.11 distributed coordination function. IEEE Journal on Selected Areas in Communications, 18(3):535–547.
Campos, A. (2014). Sistema de segurança da informação. São Paulo: VisualBooks, 2 edition.
Chaabouni, R. (2006). Break WEP faster with statistical analysis. Technical report, EPFL, LASEC.
J. F. Kurose e K. W. Ross (2006). Redes de Computadores e a Internet. Pearson.
M. Vanhoef e F. Piessens (2017). Key reinstallation attacks: Forcing nonce reuse in WPA2. In Proceedings of the 2017 ACM SIGSAC Conference on Computer e Communications Security, pages 1313–1328. ACM.
Paim, R. R. (2014). WEP, WPA e EAP. https://www.gta.ufrj.br/ensino/eel879/trabalhos_vf_2011_2/rodrigo_paim/downloads/trabalho.pdf.
Tews, E. (2007). Attacks on the WEP protocol. IACR Cryptology ePrint Archive, 2007:471.
Published
2019-04-20
How to Cite
SOARES, Leonardo; MORAES, Igor.
An assessment of vulnerabilities in authentication protocols for IEEE 802.11 wireless networks. In: REGIONAL SCHOOL ON INFORMATICS OF RIO DE JANEIRO (ERI-RJ), 3. , 2019, Niterói.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2019
.
p. 37-40.
