Parallel Active Dictionary Attack On Ieee 802.11 Enterprise Networks
Keywords
Brute force attack; Virtual wireless clients; Wi-Fi security; WPA-II enterprise
Abstract
One of the greatest challenges facing 802.11 wireless local area network (WLAN) is to provide equivalent security to wired local area network (LAN). Wi-Fi Protected Access II (WPA-II), also referred to as IEEE 802.11i standard, is the current security mechanism for enterprise wireless networks. IEEE 802.11i standard depends upon IEEE 802.1X standard to authenticate and generate the main cryptographic key used to secure wireless network traffic. In a WPA-II enterprise network, capturing wireless frames during the authentication phase between the Access Point (AP) and an authorized wireless client will not compromise the security of the WLAN. However, an attacker can apply active dictionary attack by guessing the credentials used to access the wireless network. In this case, the attacker communicates directly with the Authentication Server (AS). The main downside of this attack is the low intensity of password guessing trials that the attacker can achieve, thus security community usually does not pay attention to such an attack. In this paper, we present a new attack scheme that can increase the intensity of guessing trials against WPA-II enterprise. The new scheme is based on using one wireless interface card to create multiple virtual wireless clients (VWCs), each VWC communicates with the Authentication Server as a standalone wireless client. We have developed a working prototype and our experiments show that the proposed scheme can improve the active dictionary guessing speed by more than 1700% compared to the traditional single wireless client attack.
Publication Date
12-22-2016
Publication Title
Proceedings - IEEE Military Communications Conference MILCOM
Number of Pages
265-270
Document Type
Article; Proceedings Paper
Personal Identifier
scopus
DOI Link
https://doi.org/10.1109/MILCOM.2016.7795337
Copyright Status
Unknown
Socpus ID
85011802407 (Scopus)
Source API URL
https://api.elsevier.com/content/abstract/scopus_id/85011802407
STARS Citation
Nakhila, Omar and Zou, Cliff, "Parallel Active Dictionary Attack On Ieee 802.11 Enterprise Networks" (2016). Scopus Export 2015-2019. 4352.
https://stars.library.ucf.edu/scopus2015/4352