The features of a deauthentication attack implementation in networks 802.11

Authors

  • Роман Юрійович Корольков National University "Zaporizhzhia Polytechnic"
  • Сергій Вікторович Куцак National University "Zaporizhzhia Polytechnic"

DOI:

https://doi.org/10.18372/2410-7840.21.13953

Keywords:

attack, authentication, threat, packet injection, connection, access point, frame, DoS, Linux, Wi-Fi

Abstract

The special type of attack – Denial of Service (DoS) in networks based on the 802.11 standard, namely the deauthentication attack, was investigated and demonstrated in the article. This study illustrates the possible scheme of action of the attacker and the scenario of attack on the client. The possibility of a deauthentication attack implementing is directly related to the features of the mechanism of communication in a wireless network 802.11. The connection between the client and the access point (AP) is established by exchanging different frames to undergo authentication and association procedures. Sending a deauthentication frame to Wi-Fi is a vulnerable point in the process of connecting (disconnecting) devices. Deauthentication frame is a notification, not a request. When receiving a deauthentication frame (regardless of whether it is fake or real), no host can refuse to execute it unless the frame protection mode (802.11w: MFP or Management Frame Protection) is enabled and failed to successfully complete control against counterfeiting frame of MIC (Message Integrity Check). Because authentication cancellation requests cannot be ignored, the access point reacts instantly to those requests. The attacker falsifies the MAC address of the legitimate client and runs periodic deauthentication frames. The AP responds by sending a customer authentication denial response. Such a vulnerability of wireless networks Wi-Fi, allows an attacker to send packets deauthentication, leading to disruption of communication between clients and access points to which they are connected. Should the attack continue indefinitely, the client will definitely not be able to connect to the wireless network until the attacker cancels the attack. Therefore, DoS attack is critical attack that violates the current load and transaction performed by the customer. Implementation of this type of attack is carried out using several tools in the Kali Linux 2016.2 operating system

Author Biographies

Роман Юрійович Корольков, National University "Zaporizhzhia Polytechnic"

Senior Lecturer of the Information Security Department, National University "Zaporizhzhia Polytechnic"

Сергій Вікторович Куцак, National University "Zaporizhzhia Polytechnic"

Senior Lecturer of the Information Security Department, National University "Zaporizhzhia Polytechnic"

References

S. Compton, C. Hornat, "802.11 Denial Of Service

Attacks and Mitigation. SANS Institute InfoSec

Reading Room", May 17th 2007.

M. Vipin, S. Srikanth, "Analysis of Open Source

Drivers for IEEE 802.11 WLANs", In IEEE

Conference proceeding of ICWCSC 2010.

J. Bellardo, S. Savage "Denial-of-Service Attacks: Real

Vulnerabilities and Practical Solutions", Department of

Computer Science and Engineering University of California at

San Diego.

Aircrack. Deauthentication. [Електронний ресурс].

Режим доступа: https://www.aircrack-ng.org/doku.

php?id=deauthentication.

R. Cheema, D. Bansal, Dr. Sanjeev Sofat, "Deauthentication/Disassociation Attack: Implementation and

Security in Wireless Mesh Networks", International

Journal of Computer Applications, Volume 23, No.7, June

D. Joshi, Dr. Ved Vyas Dwivedi, K. Pattani, "De-Authentication attack on wireless network 802.11i using

Kali Linux" IRJET, Volume, 04 Issue, 01 Jan 2017.

S. Kapp, "802.11: Leaving the Wire Behind". IEEE

Internet Computing, Vol. 6, No. 1, pp. 82-85, 2002.

V. Durcekova, L. Schwartz, N. Shahmehri "Sophisticated Denial of Service Attacks aimed at Application

Layer", IEEE 2012.

"Wireless LAN Medium Access Control (MAC) and

Physical Layer (PHY) Specifications", IEEE Std

11-2007 (Revision of IEEE Std 802.11-1999),

pp. 1184, 2007.

M. Salem, A. Sarha, M. Abu-Bakr, "A DOS Attack

Intrusion Detection and Inhibition Technique for

Wireless Computer Networks" ICGST- CNIR, Volume 7, Issue I, July 2007.

H. Peng, "WIFI network information security analysis

research", Proceedings of 2012 2nd International Conference

on Consumer Electronics, Communications and Networks

(CECNet). Yichang, pp. 2243-2245, 2012. DOI:

1109/CECNet.2012.6201786

K. Hole, E. Dyrnes, P. Thorsheim, "Securing Wi-Fi

networks", Computer, Vol. 38, No. 7, pp. 28-34, 2005.

DOI: 10.1109/MC.2005.241

Downloads

Published

2019-09-27

Issue

Vol. 21 No. 3 (2019)

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).