CFP last date
20 December 2024
Call for Paper
January Edition
IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper
Know more
The week's pick
Responsive image
Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen
Random Articles
Reseach Article

Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication

by Paridhi Singhal, Manoj Diwakar, Mandeep Katre
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 58 - Number 16
Year of Publication: 2012
Authors: Paridhi Singhal, Manoj Diwakar, Mandeep Katre
10.5120/9365-3812

Paridhi Singhal, Manoj Diwakar, Mandeep Katre . Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication. International Journal of Computer Applications. 58, 16 ( November 2012), 16-20. DOI=10.5120/9365-3812

@article{ 10.5120/9365-3812,
author = { Paridhi Singhal, Manoj Diwakar, Mandeep Katre },
title = { Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication },
journal = { International Journal of Computer Applications },
issue_date = { November 2012 },
volume = { 58 },
number = { 16 },
month = { November },
year = { 2012 },
issn = { 0975-8887 },
pages = { 16-20 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume58/number16/9365-3812/ },
doi = { 10.5120/9365-3812 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:02:40.385036+05:30
%A Paridhi Singhal
%A Manoj Diwakar
%A Mandeep Katre
%T Prevention of DoS and Memory Exhaustion Attacks: Key Distribution with Confidentiality and Authentication
%J International Journal of Computer Applications
%@ 0975-8887
%V 58
%N 16
%P 16-20
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Now a day’s most of the organizations are moving from wire-connected LAN to wireless LAN. The popularity of the 802.11 network standards stems from the fact that they provide for wireless connections with simplicity and convenience. But, there are many security issues which have been identified in the operation of 802.11 networks, and the 802.11i protocol has been announced to protect these types of networks. 802.11i protocol security has with a focus on an active attack and a passive attack. These types of attacks exhaust the client’s memory using a vulnerability of the key derivation procedure in 802.11i. It is vulnerable to various active and passive attacks which include de-authentication and disassociation attacks. For active and passive attacks( denial of services and memory exhaustion ) which are possible in 4-way handshake, this paper provides a secret key distribution with confidentiality and authentication and can also say that this procedure of secret key distribution is free from these active and passive attacks in comparison to original protocol and is more secure.

References
  1. IEEE Standard 802.11-1999. Information technology –Telecommunications and information exchange between Systems – Local and metropolitan area networks – Specific Requirements – Part 11: Wireless LAN Medium Access Control and Physical Layer Specifications. 1999.
  2. IEEE Standard 802.11b-1999. Higher-Speed Physical Layer Extension in the 2.4 GHz Band, Supplement to IEEE Standard for Information technology – Telecommunications and information exchange between systems – Local and metropolitan area networks – Specific requirements – Part11:Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. September, 1999.
  3. Guide to Internet Security.
  4. What's New in Security: WPA (Wi-Fi Protected Access)?
  5. Seung-Jo HanHeang-Soo Oh JonganPark Dept. of Electron. Eng., Chosun Univ.” The improved data encryption standard (DES) algorithm., Spread Spectrum Techniques and Applications Proceedings, 1996.
  6. A. Mishra and W. A. Arbaugh, “An initial security analysis of the IEEE 802.1X standard,” Tech. Rep. CS-TR-4328, University of Maryland, College Park, Md, USA, February 2002
  7. Xiaodong Zha ; Maode Ma ,” Security improvements of IEEE 802.11i 4-way handshake scheme”,IEEE International Conference on Communication Systems(ICCS) 2010.
  8. Xinyu Xing; Shakshuki, E.; Benoit, D.; Sheltami, T.; “Security Analysis and Authentication Improvementfor IEE802.11i Specification”,Global Telecommunications Conference, 2008.
  9. Jing Liu, Xinming Ye, Jun Zhang, Jun Li, "Security Verification of 802.11i 4-way Handshake Protocol", 2008 IEEE
  10. Sung-Hyun Eum, Yae-Hoe Kim, and Hyoung-Kee Choi,”A Secure 4-Way Handshake in 802.11i Using Cookies”, July 2008, Vol.2, No.1
  11. C. He and J. C. Mitchell, "Analysis of the 802.11i 4-Way Handshake," in Proceedings of the 3rd ACM workshop on Wireless security, Philadelphia, PA, USA, 2004, pp. 43 - 50.
  12. V.Moen, H. Raddum, and K. J. Hole, “Weaknesses in the temporal key hash of WPA,” ACMSIGMOBILEMobile Computing and Communications Review, vol. 8, no. 2, pp. 76–83, 2004
  13. F. D. Rango, D. C. Lentini, and S. Marano, “Static and dynamic 4-way handshake solutions to avoid denial of service attack in Wi-Fi protected
  14. D. B. Faria and D. R. Cheriton, “DoS and authentication in wireless public access networks,” in Proceedings of the ACM Workshop on Wireless Security (WiSe ’02), pp. 47–56, Atlanta, Ga, USA, September 2002.
  15. Fluhrer, Mantin, Shamir. “Weaknesses in the Key Scheduling Algorithm of RC4” http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf. 2001.
  16. Needham;R., and Schroeder, M. “Using Encryption for Authentication in Large Networks of Computers”. Communications of the ACM, December 1978.
Index Terms

Computer Science
Information Sciences

Keywords

Secret key distribution 4-Way Handshake De- authentication active Attacks passive attack IEEE802.11 IEEE802.11i public key private key

Powered by PhDFocusTM