Research Article

Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication

by  Paridhi Singhal, Manoj Diwakar, Mandeep Katre
journal cover
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 58 - Issue 16
Published: November 2012
Authors: Paridhi Singhal, Manoj Diwakar, Mandeep Katre
10.5120/9365-3812
PDF

Paridhi Singhal, Manoj Diwakar, Mandeep Katre . Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication. International Journal of Computer Applications. 58, 16 (November 2012), 16-20. DOI=10.5120/9365-3812

                        @article{ 10.5120/9365-3812,
                        author  = { Paridhi Singhal,Manoj Diwakar,Mandeep Katre },
                        title   = { Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication },
                        journal = { International Journal of Computer Applications },
                        year    = { 2012 },
                        volume  = { 58 },
                        number  = { 16 },
                        pages   = { 16-20 },
                        doi     = { 10.5120/9365-3812 },
                        publisher = { Foundation of Computer Science (FCS), NY, USA }
                        }
                        %0 Journal Article
                        %D 2012
                        %A Paridhi Singhal
                        %A Manoj Diwakar
                        %A Mandeep Katre
                        %T Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication%T 
                        %J International Journal of Computer Applications
                        %V 58
                        %N 16
                        %P 16-20
                        %R 10.5120/9365-3812
                        %I Foundation of Computer Science (FCS), NY, USA
Abstract

Now a day’s most of the organizations are moving from wire-connected LAN to wireless LAN. The popularity of the 802.11 network standards stems from the fact that they provide for wireless connections with simplicity and convenience. But, there are many security issues which have been identified in the operation of 802.11 networks, and the 802.11i protocol has been announced to protect these types of networks. 802.11i protocol security has with a focus on an active attack and a passive attack. These types of attacks exhaust the client’s memory using a vulnerability of the key derivation procedure in 802.11i. It is vulnerable to various active and passive attacks which include de-authentication and disassociation attacks. For active and passive attacks( denial of services and memory exhaustion ) which are possible in 4-way handshake, this paper provides a secret key distribution with confidentiality and authentication and can also say that this procedure of secret key distribution is free from these active and passive attacks in comparison to original protocol and is more secure.

References
  • IEEE Standard 802.11-1999. Information technology –Telecommunications and information exchange between Systems – Local and metropolitan area networks – Specific Requirements – Part 11: Wireless LAN Medium Access Control and Physical Layer Specifications. 1999.
  • IEEE Standard 802.11b-1999. Higher-Speed Physical Layer Extension in the 2.4 GHz Band, Supplement to IEEE Standard for Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part11:Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. September, 1999.
  • Guide to Internet Security.
  • What's New in Security: WPA (Wi-Fi Protected Access)?
  • Seung-Jo HanHeang-Soo Oh JonganPark Dept. of Electron. Eng., Chosun Univ.” The improved data encryption standard (DES) algorithm., Spread Spectrum Techniques and Applications Proceedings, 1996.
  • A. Mishra and W. A. Arbaugh, “An initial security analysis of the IEEE 802.1X standard,” Tech. Rep. CS-TR-4328, University of Maryland, College Park, Md, USA, February 2002
  • Xiaodong Zha ; Maode Ma ,” Security improvements of IEEE 802.11i 4-way handshake scheme”,IEEE International Conference on Communication Systems(ICCS) 2010.
  • Xinyu Xing; Shakshuki, E.; Benoit, D.; Sheltami, T.; “Security Analysis and Authentication Improvementfor IEE802.11i Specification”,Global Telecommunications Conference, 2008.
  • Jing Liu, Xinming Ye, Jun Zhang, Jun Li, "Security Verification of 802.11i 4-way Handshake Protocol", 2008 IEEE
  • Sung-Hyun Eum, Yae-Hoe Kim, and Hyoung-Kee Choi,”A Secure 4-Way Handshake in 802.11i Using Cookies”, July 2008, Vol.2, No.1
  • C. He and J. C. Mitchell, "Analysis of the 802.11i 4-Way Handshake," in Proceedings of the 3rd ACM workshop on Wireless security, Philadelphia, PA, USA, 2004, pp. 43 - 50.
  • V.Moen, H. Raddum, and K. J. Hole, “Weaknesses in the temporal key hash of WPA,” ACMSIGMOBILEMobile Computing and Communications Review, vol. 8, no. 2, pp. 76–83, 2004
  • F. D. Rango, D. C. Lentini, and S. Marano, “Static and dynamic 4-way handshake solutions to avoid denial of service attack in Wi-Fi protected
  • D. B. Faria and D. R. Cheriton, “DoS and authentication in wireless public access networks,” in Proceedings of the ACM Workshop on Wireless Security (WiSe ’02), pp. 47–56, Atlanta, Ga, USA, September 2002.
  • Fluhrer, Mantin, Shamir. “Weaknesses in the Key Scheduling Algorithm of RC4” http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf. 2001.
  • Needham;R., and Schroeder, M. “Using Encryption for Authentication in Large Networks of Computers”. Communications of the ACM, December 1978.
Index Terms
Computer Science
Information Sciences
No index terms available.
Keywords

Secret key distribution 4-Way Handshake De- authentication active Attacks passive attack IEEE802.11 IEEE802.11i public key private key

Powered by PhDFocusTM