Detection of stealth Man-in-the-Middle attack in wireless LAN

Author

Kumar, Vipin ; Chakraborty, Shiladri ; Barbhuiya, F.A. ; Nandi, Sukumar

Author_Institution

Dept. of Comput. Sci. & Eng., Indian Inst. of Technol. Guwahati, Guwahati, India

fYear

2012

fDate

6-8 Dec. 2012

Firstpage

290

Lastpage

295

Abstract

Wireless Local Area Networks (WLANs) are acquiring their hold in all the verticals of life. WLANs have gone through rapid changes with respect to their security standards in near time. Man-in-the-Middle (MITM) attack is one of the most catastrophic attacks in WLAN. Stealth MITM (SMITM) attack is a new way of doing MITM based on Address Resolution Protocol (ARP) poisoning. In this attack, ARP poisoning is done directly to the victim by forging the frame ARP response protocol structure and exploiting WPA2 key management. In this paper we propose a Wireless Intrusion Detection System (WIDS) for SMITM attack. The proposed WIDS successfully detects the SMITM attack and other similar attacks like MITM (using ARP poisoning) and IP Spoofing. The proposed WIDS system is simulated in NS-3 network simulator and the scheme is found to work correctly when the attacker is static and is under the coverage of a single sensor during the complete period of attack.

Keywords

computer network security; protocols; wireless LAN; ARP; IP spoofing; NS-3 network simulator; SMITM; WIDS; address resolution protocol; man-in-the-middle attack; security standards; stealth MITM; stealth detection; wireless LAN; wireless intrusion detection system; wireless local area networks; Local area networks; Logic gates; Probes; Programmable logic arrays; Quality of service; Transmitters; Uplink;

fLanguage

English

Publisher

ieee

Conference_Titel

Parallel Distributed and Grid Computing (PDGC), 2012 2nd IEEE International Conference on

Conference_Location

Solan

Print_ISBN

978-1-4673-2922-4

Type

conf

DOI

10.1109/PDGC.2012.6449834

Filename

6449834