ebook img

SALIFU ABDUL-MUMIN PDF

79 Pages·2011·1.45 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview SALIFU ABDUL-MUMIN

DETECTION OF MAN-IN-THE-MIDDLE ATTACK IN IEEE 802.11 NETWORKS BY SALIFU, ABDUL-MUMIN, BSc. Computer Science (Hons.) A Thesis Submitted To The Department Of Electrical and Electronic Engineering, Kwame Nkrumah University Of Science And Technology In Partial Fulfillment Of The Requirements For The Degree Of MASTER OF SCIENCE IN TELECOMMUNICATION ENGINEERING MAY, 2011 1 Declaration I, Salifu Abdul-Mumin, hereby declare that this thesis, “Detection of Man-the-Middle Attack in IEEE 802.11 Networks”, consists entirely of my own work produced from research undertaken under supervision and that no part of it has been published or presented for another degree elsewhere, except for the permissible references from other sources, which have been duly acknowledged. Date………………….. Sgd………………… (Salifu Abdul-Mumin) Date …………………. Sgd………………….. (Supervisor: Dr. K. O. Boateng) Date……………………. Sgd…………………… (Head of Department) 2 Dedication This work is dedicated to my late father, Mr. Salifu Demah Selanwiah for his fatherly responsibility, love, care and encouragement. May the Good Lord grant him one of the places in paradise. 3 Acknowledgement “Silver and Gold I have none but such as this I give unto you”. The success of this project is a result of the combined effort and contributions of many people who in one way or other deserved to be acknowledged. I wish to express my sincerest thanks to the Almighty God for his protection and guidance, which has taken me to this height. I acknowledge with a sentiment of deep gratitude to my supervisor Dr. K. O. Boateng for his relentless efforts, patience and overwhelming understanding in guiding and offering me constructive comments, directions and useful suggestions that made this work possible. Many thanks also go to all lecturers of the faculty of Electrical and Electronic Engineering who natured me in one way or the other and has contributed significantly to the successful completion of my degree. I further express my thanks to my family who gave me prayers and constructive advice, which has seen me this far. To my friends and course mates, I am grateful and wish to thank you for the manifold support and encouragement. 4 Abstract The recent proliferation of high speed wireless portable devices has resulted in a significant demand for wireless LANs. WLANs offer tremendous flexibility to the mobile user, compared with their wired LANs equivalent. With this development, Wireless networks are vulnerable to many identity-based attacks in which a malicious device uses forged MAC addresses to masquerade as a specific client. One of these attacks is Man-in-the-middle attack. Interestingly the man-in-the-middle is usually part of the network where malicious activities are mostly least expected. Most stakeholders turn to secure their networks against unauthorized users paying less attention to those within their own networks. In solving this malicious activity, we studied the state of the act of executing man-in-the-middle attack in wireless networks. Based on this study, a mechanism has been developed to detect this attack. We generated a list of database consisting of IP addresses and MAC addresses of authorized users on a WLAN to check on packets coming to the destination host. The detection mechanism has been simulated in a wireless environment to test the effectiveness of the detection mechanism. In all cases the simulated man-in-the-middle attack was detected. The performance of the proposed detection mechanism was evaluated against an existing detection mechanism. 5 Table of Contents Title Page……………………………………………………………………………………………….i Declaration…………………………………………………………………………………………….ii Dedication…………………………………………………………………………………………….iii Acknowledgement…………………………………………………………………………………….iv Abstract……………………………………………………………………………………...................v Table of Contents…………………………………………………………………………………vi List of Tables…………………………………………………………………………………………..x List of Figures…………………………………………………………………………………………xi List of Acronyms……………………………………………………………………………………..xii CHAPTER ONE: INTRODUCTION 1.0.0 Background………………………………………………………………………………..1 1.1.0 Man-in-the-middle attack…………………………………………………………………1 1.1.1 Origin of name………………………………………………………………………………2 1.1.2 Other definitions…………………………………………………………………………….2 1.1.3 Scenario……………………………………………………………………………………...3 1.2.0 Problem Statement…………………………………………………………………………..4 1.3.0 Objectives of the Study……………………………………………………………………...5 1.4 Scope of Study………………………………………………………………………………...5 1.5 Justification……………………………………………………………………………………6 1.6.0 Assumptions…………………………………………………………………………………6 6 1.7.0 Methodology………………………………………………………………………………...7 1.8.0 Organization of Thesis………………………………………………………………………7 CHAPTER TWO: REVIEW OF LITERETURE 2.0.0 Wireless Security……………………………………………………………………………8 2.1.0Wireless Network Attacks…………………………………………………………………...8 2.1.1 Passive Eavesdropping/Traffic Analysis……………………………………………………9 2.1.2 Message Injection/Active Eavesdropping…………………………………………………...9 2.1.3 Message Deletion and Interception………………………………………………………….9 2.1.4 Masquerading and Malicious AP…………………………………………………………..10 2.1.5 Denial-of-Service…………………………………………………………………………..11 2.1.6 Jamming……………………………………………………………………………............11 2.1.7 Session Hijacking…………………………………………………………………………..11 2.1.8 IP Spoofing………………………………………………………………………………...17 2.1.8 Man-in-the-Middle (MITM) Attack……………………………………………………….18 2.1.9 ARP Cache Poisoning Attack……………………………………………………………...19 2.2.0 The Hacker…………………………………………………………………………………22 2.2.1 The Victim…………………………………………………………………………………22 2.3.0 Defenses against Wireless Networks Attacks……………………………………………...23 2.3.1 Network Security Management Plan………………………………………………………23 2.3.2 Security Measures………………………………………………………………………….24 7 2.3.3 IEEE 802.11i Standard……………………………………………………………………..26 2.3.4 Defenses against ARP spoofing……………………………………………………………28 2.4.0 Passive Techniques for Detecting Session Hijacking Attacks in IEEE 802.11 Wireless Networks………………………………………………………………………………………....28 2.4.1 Intrusion Detection Systems…………………………………………………………….....29 2.4.2 Wireless Intrusion Detection Systems (WIDSs)……………………………………….......29 2.4.3 Monitoring Received Signal Strength (RSS)………………………………………………30 2.4.4 Monitoring Round Trip Times of RTS-CTS Handshake…………………………………..32 2.5.0 Proposed System…………………………………………………………………………...33 CHAPTER THREE: SOFTWARE DESIGN 3.0 Software Design……………………………………………………………………………...35 3.1 An Illustration of MITM attack………………………………………………………….......35 3.1.1 Detecting the Illustrated Attack………………………………………………………........36 3.1.2 Detecting hosts with IP packets routing enabled…………………………………………..37 3.1.3 Detection of ARP Cache Poisoning Attack………………………………………………..38 3.2.0 Preliminary Study………………………………………………………………………….40 3.2.1Analysis…………………………………………………………………………………….41 3.2.2 Detail Software Design…………………………………………………………………….41 8 3.2.3 Logic of the Design………………………………………………………………………...42 3.2.4 Design Architecture………………………………………………………………………..43 CHAPTER FOUR: IMPLEMENTATION AND TESTING 4.0 Implementation………………………………………………………………………………46 4.1Tools used…………………………………………………………………………………….46 4.2 Experimental setup…………………………………………………………………………...46 4.3 Testing………………………………………………………………………………………..52 4.4 Evaluation…………………………………………………………………………………....54 CHAPTER FIVE: CONCLUSION AND RECOMMENDATION 5.1 Conclusion…………………………………………………………………………………...56 5.2 Recommendations……………………………………………………………………………56 References………………………………………………………………………………………..58 Appendix………………………………………………………………………………………....62 9 LISTS OF TABLES Table 3.1ARP cache of host A before attack…………………………………………………….36 Table 3.2ARP cache of host B before attack…………………………………………………….36 Table 3.3 ARP cache of host A after attack……………………………………………...............36 Table 3.4 ARP cache of host B after attack……………………………………………………...36 10

Description:
Interestingly the man-in-the-middle is usually part of the network where malicious activities authorized users on a WLAN to check on packets coming to the destination host 2.4.0 Passive Techniques for Detecting Session Hijacking Attacks in IEEE 802.11 Wireless . URL: Uniform Resource Locator.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.