Parallel Active Dictionary Attack On Ieee 802.11 Enterprise Networks

Keywords

Brute force attack; Virtual wireless clients; Wi-Fi security; WPA-II enterprise

Abstract

One of the greatest challenges facing 802.11 wireless local area network (WLAN) is to provide equivalent security to wired local area network (LAN). Wi-Fi Protected Access II (WPA-II), also referred to as IEEE 802.11i standard, is the current security mechanism for enterprise wireless networks. IEEE 802.11i standard depends upon IEEE 802.1X standard to authenticate and generate the main cryptographic key used to secure wireless network traffic. In a WPA-II enterprise network, capturing wireless frames during the authentication phase between the Access Point (AP) and an authorized wireless client will not compromise the security of the WLAN. However, an attacker can apply active dictionary attack by guessing the credentials used to access the wireless network. In this case, the attacker communicates directly with the Authentication Server (AS). The main downside of this attack is the low intensity of password guessing trials that the attacker can achieve, thus security community usually does not pay attention to such an attack. In this paper, we present a new attack scheme that can increase the intensity of guessing trials against WPA-II enterprise. The new scheme is based on using one wireless interface card to create multiple virtual wireless clients (VWCs), each VWC communicates with the Authentication Server as a standalone wireless client. We have developed a working prototype and our experiments show that the proposed scheme can improve the active dictionary guessing speed by more than 1700% compared to the traditional single wireless client attack.

Publication Date

12-22-2016

Publication Title

Proceedings - IEEE Military Communications Conference MILCOM

Number of Pages

265-270

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/MILCOM.2016.7795337

Socpus ID

85011802407 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85011802407

This document is currently not available here.

Share

COinS