Maxim Kovtsur
ABSTRACT
This article discusses the principles of the IEEE 802.1x standard and presents four DoS attacks in accordance with the enterprise matrix MITRE ATT&CK for corporate networks of companies. The methods of protection against the presented attacks are determined and the ways of their implementation on the equipment of various manufacturers, such as TP-LINK, ASUS, MikroTik are investigated.
Supplemental Material
Available for Download
ppt
5GNFI_Kovtsur_Minyaev_Khramtsov_Abramenko_conf_presentation.ppt (2.5 MB)
Presentation slides
- A. Vladyko, A. Khakimov, A. Muthanna, A. A. Ateya, and A. Koucheryavy, (2019). Distributed edge computing to assist ultra-low-latency VANET applications. Future Internet, 11(6).Google Scholar
- R. Pirmagomedov, M. Blinnikov, R. Glushakov, A. Muthanna, R. Kirichek, and A. Koucheryavy, (2017). Dynamic data packaging protocol for real-time medical applications of nanonetworks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 10531 LNCS, pp. 196–205.Google ScholarCross Ref
- Cisco predicts an increase in data transfer speed, the number of Internet users and the number of devices connected to the network in Russia. [Electronic resource] URL: https://www.cisco.com/c/ru_ru/about/press/press-releases/2020/04-14.html.Google Scholar
- N. Lovinger, T. Gerlich, Z. Martinasek and L. Malina, Detection of wireless fake access points // 12th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2020, pp. 113-118.Google Scholar
- Reports on DDoS attacks. DDoS attacks in the third quarter of 2020 [Electronic resource] URL: https://securelist.com/ddos-attacks-in-q3-2020/99091.Google Scholar
- M. M. Kovtsur, A. Yu. Kistruga, G. E. Voroshnin, A. E. Fedorova. Investigation of authentication failure and arp injection attacks and methods of their detection in IEEE 802.11 family networks // Information technologies and telecommunications. 2021. Vol. 9. No. 1. pp. 87-98.Google Scholar
- N. Lovinger, T. Gerlich, Z. Martinasek and L. Malina. Detection of wireless fake access points // 2020 12th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2020, pp. 113-118.Google Scholar
- B. Tushir, Y. Dalal, B. Dezfouli and Y. Liu. A Quantitative Study of DDoS and E-DDoS Attacks on WiFi Smart Home Devices in IEEE Internet of Things Journal, 15 April, 2021, vol. 8, no. 8, pp. 6282-6292.Google Scholar
- J. Henry, R. Barton, D. Hucaby / CCNP Enterprise Wireless Design ENWLSD 300-425 and Implementation ENWLSI 300-430 Official Cert Guide. Cisco Press – 2020. P. 576.Google Scholar
- Lyubomyr Chyrun, Liliya Chyrun, Yaroslav Kis, Lev Rybak, Information System for Connection to the Access Point with Encryption WPA2 Enterprise // International Scientific Conference “Intellectual Systems of Decision Making and Problem of Computational Intelligence”, ISDMCI 2019: Lecture Notes in Computational Intelligence and Decision Making pp 389-404.Google Scholar
- H. Hwang, G. Jung, K. Sohn and S. Park, A Study on MITM (Man in the Middle) Vulnerability in Wireless Network Using 802.1X and EAP // 2008 International Conference on Information Science and Security (ICISS 2008), 2008, pp. 164-170.Google Scholar
- A. Minyaev, A. Krasov, D. Saharov. The Method and Methodology of efficiency assessment of protection system of distributed information systems / Institute of Electrical and Electronics Engineers – 2020, pp. 291-295.Google Scholar
- A. Vikulov, A. Paramonov. Practical retrospective of 5-year evolution of the IEEE 802.11 client device capabilities // 12th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2020. pp. 296-300.Google Scholar
- J. Pokorny, R. Fujdiak, M. Kovanda, M. Strajt, J. Hosek. Traffic Analysis of IEEE 802.11 on Physical Layer by using Software Defined Radio // 12th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2020. pp. 78-81.Google Scholar
- L. Liu, T. Stimpson, N. Antonopoulos. An Investigation of Security Trends in Personal Wireless Networks. Wireless Pers Commun 75, 2014, pp. 1669–1687.Google ScholarDigital Library
- K. Pelechrinis, M. Iliofotou and S. V. Krishnamurthy, Denial of Service Attacks in Wireless Networks: The Case of Jammers // IEEE Communications Surveys & Tutorials, vol. 13, no. 2, pp. 245-257, Second Quarter 2011.Google ScholarCross Ref
- D. W. Vilela, A. D. P. Lotufo, and C. R. Santos, (2018, July). Fuzzy ARTMAP Neural Network IDS Evaluation applied for real IEEE 802.11 w data base. In 2018 International Joint Conference on Neural Networks (IJCNN), pp. 1-7.Google Scholar
- Yujia Zhang, Guanlin Chen, Wenyong Weng and Zebing Wang, An overview of wireless intrusion prevention systems // 2010 Second International Conference on Communication Systems, Networks and Applications, 2010, pp. 147-150.Google Scholar
Recommendations
DDoS attacks and defense mechanisms: classification and state-of-the-art
Denial of Service (DoS) attacks constitute one of the major threats and among the hardest security problems in today's Internet. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With ...
Detailed DoS attacks in wireless networks and countermeasures
IEEE 802.11 wireless networks have fuzzy boundaries, making it easy for an attacker to capture the transmitted packets. Also the attacker can send massive volume of illegitimate traffic and utilise system resources in a way that renders the system ...
Improvements on the WTLS protocol to avoid denial of service attacks
The current WTLS protocol is closely modeled after the well-studied SSL protocol. However, since some differences exist between these two protocols, even if the SSL protocol is secure, the WTLS protocol may not. We propose three kinds of possible Denial ...
Comments