An IEEE 802.11 MAC Layer Covert Channel Based On Supported Rates

• Autorzy: Teca Geovan , Natkaniec Marek

Identyfikatory

DOI

10.24425/ijet.2023.144364

• Języki publikacji: EN

Abstrakty

EN

Wireless Local Area Networks present several vulnerabilities that are exploited, and as a result, numerous attacks have been developed and used against them. Although countermeasures to detect and eliminate such threats have been created throughout the years, few methods exist to prevent the attacks. IEEE 802.11 covert channels could be considered a candidate to prevent Wi-Fi attacks since they allow secret communication between the client station and the access point without establishing an association. They can be implemented in frames that attackers do not target. This paper presents a new covert channel that prevents Wi-Fi attacks. We also describe metrics, and discuss the performance results of the proposed solution. We show that the new protocol is able to achieve high efficiency of operation.

Słowa kluczowe

EN

steganography; covert channel; IEEE 802.11 networks; performance evaluation

• Wydawca: Polish Academy of Sciences, Committee of Electronics and Telecommunication
• Czasopismo: International Journal of Electronics and Telecommunications
• Rocznik: 2023
• Tom: Vol. 69, No. 2
• Strony: 293--299
• Opis fizyczny: Bibliogr. 28 poz., rys., tab., wykr.

Twórcy

autor

Teca Geovan

• Faculty of Computer Science, Electronics and Telecommunications, Institute of Telecommunications, AGH University of Science and Technology, Al. Mickiewicza 30, 30-059 Krakow, Poland

autor

Natkaniec Marek

• Faculty of Computer Science, Electronics and Telecommunications, Institute of Telecommunications, AGH University of Science and Technology, Al. Mickiewicza 30, 30-059 Krakow, Poland

Bibliografia

• [1] “IEEE standard for information technology–telecommunications and information exchange between systems - local and metropolitan area networks-specific requirements - part 11: Wireless lan medium access control (mac) and physical layer (phy) specifications - redline,” pp. 1-7524, 2021.
• [2] M. Ergen, “IEEE 802.11 tutorial,” https://www.researchgate.net/publication/2533138_IEEE_80211_Tutorial, 2002, online; accessed: 23 December 2022.
• [3] K. Umesh and G. Sapna, “A literature review of security threats to wireless networks,” International Journal of Future Generation Communication and Networking, vol. 7(4), pp. 25-34, 2014.
• [4] J. J. Flores and A. Cruz, “A study in wireless attacks and its tools,” in 11th Latin American and Caribbean Conference for Engineering and Technology, 08 2013.
• [5] M. M. Noor and W. H. Hassan, “Wireless networks: Developments, threats and countermeasures,” International Journal of Digital Information and Wireless Communications, vol. 3, no. 1, pp. 125-140, 2013.
• [6] M. Aung and K. Thant, “IEEE 802.11 attacks and defenses,” in Proceedings of the 17th International Conference on Computer Application (ICCA), 03 2019, pp. 186-191.
• [7] K. Sawicki and Z. Piotrowski, “Two-way complex steganographic system for authentication and authorization in ieee 802.11 wireless networks,” ELEKTRONIKA - KONSTRUKCJE, TECHNOLOGIE, ZASTOSOWANIA, no. 1, pp. 24-28, 2017.
• [8] L. Frikha, Z. Trabelsi, and W. El-Hajj, “Implementation of a covert channel in the 802.11 header,” in 2008 International Wireless Communications and Mobile Computing Conference, 2008, pp. 594-599. [Online]. Available: http://doi.org/10.1109/IWCMC.2008.103
• [9] S. Vibhuti, “IEEE 802.11 wep (wired equivalent privacy) concepts and vulnerability,” in CS265 Spring, 2005. [Online]. Available: http://www.cs.sjsu.edu/∼stamp/CS265/projects/Spr05/papers/WEP.pdf
• [10] G. Ricardo, T. Murali, and M. John C., “Analysis of a mac layer covert channel in 802.11 networks,” International Journal on Advances in Telecommunications, vol. 5, no. 3 & 4, pp. 131-140, 2012.
• [11] K. Sawicki and Z. Piotrowski, “The proposal of ieee 802.11 network access point authentication mechanism using a covert channel,” in 2012 19th International Conference on Microwaves, Radar & Wireless Communications, vol. 2, 2012, pp. 656-659. [Online]. Available: http://doi.org/10.1109/MIKON.2012.6233587
• [12] H. Seong, I. Kim, Y. Jeon, M.-K. Oh, S. Lee, and D. Choi, “Practical covert wireless unidirectional communication in IEEE 802.11 environment,” IEEE Internet of Things Journal, pp. 1-1, 2022. [Online]. Available: http://doi.org/10.1109/JIOT.2022.3204987
• [13] T. Mekhaznia and A. Zidani, “Wi-fi security analysis,” Procedia Computer Science, vol. 73, pp. 172-178, 2015.
• [14] K. Chintan, B. Dhrumil, B. Ravi, P. Vivek, and D. Deepti, “Deauthentication attack on wireless network,” International Journal of Engineering and Advanced Technology (IJEAT), vol. 8, no. 3S, pp. 881-884, 02 2019.
• [15] Y. Song, C. Yang, and G. Gu, “Who is peeping at your passwords at starbucks? - to catch an evil twin access point,” in 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN), 2010, pp. 323-332. [Online]. Available: http://doi.org/10.1109/DSN.2010.5544302
• [16] W. Wu, X. Gu, K. Dong, X. Shi, and M. Yang, “Prapd: A novel received signal strength-based approach for practical rogue access point detection,” International Journal of Distributed Sensor Networks, vol. 14, no. 8, 08 2018.
• [17] A. Abhijit S. Bodhe, “Rogue access point: A threat to wireless society,” IAETSD JOURNAL FOR ADVANCED RESEARCH IN APPLIED SCIENCES, vol. 4, no. 7, pp. 97-102, 12 2017.
• [18] S. Shetty, M. Song, and L. Ma, “Rogue access point detection by analyzing network traffic characteristics,” in MILCOM 2007 - IEEE Military Communications Conference, 2007, pp. 1-7. [Online]. Available: http://doi.org/10.1109/MILCOM.2007.4455018
• [19] V. Modi and C. Parekh, “Detection of rogue access point to prevent evil twin attack in wireless network,” International Journal of Engineering Research & Technology (IJERT), vol. 6, no. 4, pp. 23-26, 04 2017.
• [20] R. Gonçalves, M. E. Correia, and P. Brandão, “A flexible framework for rogue access point detection,” in 15th International Joint Conference on e-Business and Telecommunications (ICETE 2018), vol. 2: SECRYPT, 2018, pp. 466-471.
• [21] P. B and J. Nagamalai, “A review on various sniffing attacks and its mitigation techniques,” Indonesian Journal of Electrical Engineering and Computer Science, vol. 12, pp. 1117-1125, 12 2018. [Online]. Available: http://doi.org/10.11591/ijeecs.v12.i3.pp1117-1125
• [22] M. Gregorczyk, P. Żórawski, P. Nowakowski, K. Cabaj, and W. Mazurczyk, “Sniffing detection based on network traffic probing and machine learning,” IEEE Access, vol. 8, pp. 149 255-149 269, 2020.
• [23] K. Yogi and Ernastuti, “Analysis of deauthentication attack on ieee 802.11 connectivity based on iot technology using external penetration test,” Communication and Information Technology (CommIT), vol. 14, no. 1, pp. 45-51, 2020.
• [24] A. H. Noman, M. A. Shahidan, and H. I. Mohammed, “An automated approach to detect deauthentication and disassociation dos attacks on wireless 802.11 networks,” IJCSI International Journal of Computer Science, vol. 12, no. 4, pp. 107-112, 07 2015.
• [25] A. Arora, “Preventing wireless deauthentication attacks over 802.11 networks,” CoRR, vol. abs/1901.07301, 2019. [Online]. Available: http://arxiv.org/abs/1901.07301
• [26] A. Amoordon, V. Deniau, A. Fleury, and C. Gransart, “A single supervised learning model to detect fake access points, frequency sweeping jamming and deauthentication attacks in ieee 802.11 networks,” Machine Learning with Applications, vol. 10, p. 100389, 12 2022.
• [27] Z. Feng, J. Ning, I. Broustis, K. Pelechrinis, S. V. Krishnamurthy, and M. Faloutsos, “Coping with packet replay attacks in wireless networks,” in 8th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, 2011, pp. 368-376. [Online]. Available: http://doi.org/10.1109/SAHCN.2011.5984919
• [28] “NS-3 network simulator.” [Online]. Available: https://www.nsnam.org

Uwagi

1. Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2022-2023).

2. This research was supported by the Polish Ministry of Science and Higher Education with the subvention funds of the Faculty of Computer Science, Electronics and Telecommunications of AGH University of Science and Technology.