Investigation of Denial of Service (DoS) attack in Wireless LAN
No Thumbnail Available
URL
Journal Title
Journal ISSN
Volume Title
Helsinki University of Technology |
Diplomityö
Checking the digitized thesis and permission for publishing
Instructions for the author
Instructions for the author
Authors
Date
2004
Department
Major/Subject
Tietoliikennetekniikka
Mcode
S-72
Degree programme
Language
en
Pages
80
Series
Abstract
Denial of service (DoS) and distributed denial of service (DDoS) attacks are considered to be one of the most severe threat problems in wireless network security. The Master's thesis describes some recent research on DoS attacks in wireless LAN, presents literature research covering different types of DoS in corresponding OSI layers in Wireless Local Area Network (Wireless LAN) IEEE 802.11 standards architecture and security mechanisms, and ETSI HIPERLAN architectures. Additionally, the thesis reviews Local Area Network (LAN) security, considering both network operational security and network data security. Furthermore, some defence methods, such as authentication and access control, 802.1X and EAPOL, and VPN against DoS attacks are introduced. Moreover, different kinds of (distributed) DoS attacking tools, such as Trinoo, TFN, and Stacheldraht are introduced in a later chapter. The Chinese new WLAN standard, WLAN Authentication and Privacy Infrastructure (WAPI) is also discussed briefly. A new kind of DoS attack against IEEE 802.11 DSSS based WLANs is discussed. The defence strategies and currently used defending tools against DoS attacks in WLANs are discussed. It has been suggested that 802.11 networks are highly susceptible to malicious DoS attacks targeting their management and media access protocols. The thesis provides an analysis of such 802.11-specific attacks. The results show that there is no comprehensive solution against DoS attacks in WLAN currently. To combat DoS attacks, the best way is not to make changes to the protocols, but to take external countermeasures, such as tracing the attacks, enforcing related law and enterprise usage policy systems. Finally, in WLAN, the migration to the 5GHz range is both practical and market-rewarding.Description
Supervisor
Häggman, Sven-GustavThesis advisor
Hall, MichaelKeywords
(Distributed) Denial of Service, Intrusion Detection Systems, IEEE 802.11, HIPERLAN, WPA, 802.1X, DoS attack, authentication, VPN