Title :
Exception triggered DoS attacks on wireless networks
Author :
Zhao, Yao ; Vemuri, Sagar ; Chen, Jiazhen ; Chen, Yan ; Zhou, Hai ; Fu, Zhi Judy
Author_Institution :
Northwestern Univ., Evanston, IL, USA
fDate :
June 29 2009-July 2 2009
Abstract :
Security protocols are not as secure as we assumed. In this paper, we identified a practical way to launch DoS attacks on security protocols by triggering exceptions. Through experiments, we show that even the latest strongly authenticated protocols such as PEAP, EAP-TLS and EAP-TTLS are vulnerable to these attacks. Real attacks have been implemented and tested against TLS-based EAP protocols, the major family of security protocols for wireless LAN, as well as the return routability of mobile IPv6, an emerging lightweight security protocol in new IPv6 infrastructure. DoS attacks on PEAP, one popular TLS-based EAP protocol were performed and tested on a major university´s wireless network, and the attacks were highly successful. We further tested the scalability of our attack through a series of ns-2 simulations. Countermeasures for detection of such attacks and improvements of the protocols to overcome these types of DoS attacks are also proposed and verified experimentally.
Keywords :
cryptographic protocols; exception handling; message authentication; radio networks; telecommunication security; EAP-TLS; EAP-TTLS; PEAP; authenticated protocol; exception triggered DoS attack; lightweight security protocol; mobile IPv6; ns-2 simulation; return routability; wireless LAN; wireless network; Authentication; Communication system security; Computer crime; Cryptographic protocols; Cryptography; Scalability; Testing; Wireless LAN; Wireless application protocol; Wireless networks;
Conference_Titel :
Dependable Systems & Networks, 2009. DSN '09. IEEE/IFIP International Conference on
Conference_Location :
Lisbon
Print_ISBN :
978-1-4244-4422-9
Electronic_ISBN :
978-1-4244-4421-2
DOI :
10.1109/DSN.2009.5270358
