Litcius/Paper detail

Automated WiFi Incident Detection Attack Tool on 802.11 Networks

Dimitris Koutras, Panos Dimitrellos, Panayiotis Kotzanikolaou, Christos Douligeris

202312 citationsDOI

Abstract

In this paper we propose a methodology for intrusion detection of attacks originating from WiFi networks, along with WiFi-NID, a WiFi Network Intrusion Detection tool, developed to automate the detection such attacks at the 802.11 networks. In particular, WiFi-NID has the ability to detect and trace possible illegal network scanning attacks, which originate from attacks at the WiFi access layer. A penetration testing methodology is defined, in order to discover the environmental security characteristics, related with the current configuration of the devices connected to the 802.11 network. The methodology covers known WiFi attacks such as deauthentication attacks, capturing and cracking WPA-WPA/2 handshake, captive portal and WPA attacks, mostly based on various open source software tools, as well as on specialized hardware. For the validation process, a testbed is set based on realistic scenarios of WiFi network topologies.

Topics & Concepts

TestbedComputer scienceIntrusion detection systemHandshakeComputer networkNetwork topologySoftwareTransport Layer SecurityProcess (computing)Computer securityEmbedded systemOperating systemEncryptionAsynchronous communicationNetwork Security and Intrusion DetectionInternet Traffic Analysis and Secure E-votingAdvanced Malware Detection Techniques