Parallel Active Dictionary Attack On Wpa2-Psk Wi-Fi Networks

Creator

Omar Nakhila, University of Central Florida
Afraa Attiah, University of Central Florida
Yier Jinz, University of Central Florida
Cliff Zoux, University of Central Florida

Keywords

Dictionary attack; Wi-Fi security; WPA2-PSK

Abstract

Wi-Fi network offers an inexpensive and convenient way to access the Internet. It becomes even more important nowadays as we are moving from the traditional computer age to the current mobile devices and Internet-of-Things age. Wi-Fi Protected Access II (WPA2) - Pre-shared key (PSK) is the current security standard used to protect small 802.11 wireless networks. Most of the available dictionary password-guessing attacks on WPA2-PSK are based on capturing the four-way handshaking frames between an authorized wireless client and the Access Point (AP). These attacks will fail if an attacker is unable to capture the four-way handshaking frames of a legitimate client. An attacker also can apply an active dictionary attack by sending a pass-phrase to the AP and waiting for the response. However, this attack approach could only achieve a low attack intensity of testing a few pass-phrases per minute. In this paper, we develop a new scheme to speed up the active pass-phrase guessing trials intensity based on two novel ideas: First, the scheme mimics multiple Wi-Fi clients connecting to the AP at the same time-each emulated Wi-Fi client has its own spoofed MAC address; Second, each emulated Wi-Fi client could try many pass-phrases using a single wireless session without the need to pass the 802.11 authentication and association stages for every pass-phrase guess. We have developed a working prototype and our experiments show that the proposed scheme can improve active dictionary pass-phrase guessing speed by 100-fold compared to the traditional single client attack.

Publication Date

12-14-2015

Publication Title

Proceedings - IEEE Military Communications Conference MILCOM

Volume

2015-December

Number of Pages

665-670

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/MILCOM.2015.7357520

Copyright Status

Unknown

Socpus ID

84959258185 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/84959258185

STARS Citation

Nakhila, Omar; Attiah, Afraa; Jinz, Yier; and Zoux, Cliff, "Parallel Active Dictionary Attack On Wpa2-Psk Wi-Fi Networks" (2015). Scopus Export 2015-2019. 2039.
https://stars.library.ucf.edu/scopus2015/2039