Security Improvement of Unicast Management Frames In Ieee 802.11 Mac Layer
Malekzadeh, Mina (2007) Security Improvement of Unicast Management Frames In Ieee 802.11 Mac Layer. Masters thesis, Universiti Putra Malaysia.
Wireless Local Area Network (WLAN) or IEEE 802.11, was formed in 1990 to exchange information by using radio frequency rather than wires. This standard transmits information by three types of frame: data frame, control frame, and management frame. To provide security for WLANs, different security protocols have been designed such as: wired equivalent privacy (WEP), wifi protected access (WPA), and the strongest one, IEEE 802.11i (WPA2). Unfortunately all of the mentioned protocols provide security only for data frame. Control and management frames are transmitted without any protection even in IEEE 802.11i. The lack of protection on management frames causes an intruder to launch different types of attack on the WLAN such as forgery, session hijacking, denial of service and man-in-the-middle attack, which can lead to expose the whole WLAN. To address the problem, this thesis proposes and evaluates a new per frame security model which is called Management Frame with Integrity and Authentication (MFIA) to authenticate transmitted management frames. The proposed model uses a secret key and a new random sequence number (RSN) to secure communication between devices in WLAN and to prevent intruder from exposing the WLAN. The proposed model checks the authentication of a sender and the integrity of the management frames. The proposed model has been evaluated by quantifying the probability of finding a proper RSN by intruder, probability of different current common attacks on management frames, and also required time for the specified attacks. The results show that MFIA provides a high security level for management frames in all IEEE 802.11 standards. Required times to launch the attacks, show that allocating the specified time by intruder is almost impossible in the proposed model so that makes the mentioned attacks impractical. Results also show the proposed model can prevent a variety of attacks on management frames.
Repository Staff Only: Edit item detail