Security Analysis of Application Layer Protocols on Wireless Local Area
Networks

doi:10.1007/s12204-011-1193-5

上海交通大学学报（英文版） ›› 2011, Vol. 16 ›› Issue (5): 586-592.doi: 10.1007/s12204-011-1193-5

Security Analysis of Application Layer Protocols on Wireless Local Area
Networks

YANG Ming-hour (杨明豪)

(Department of Information & Computer Engineering,
Chung Yuan Christian University, Chung Li 320)

收稿日期:2011-06-12 出版日期:2011-10-29 发布日期:2011-10-20
通讯作者: YANG Ming-hour (杨明豪) E-mail: mhyang@cycu.edu.tw

Security Analysis of Application Layer Protocols on Wireless Local Area
Networks

YANG Ming-hour (杨明豪)

(Department of Information & Computer Engineering,
Chung Yuan Christian University, Chung Li 320)

Received:2011-06-12 Online:2011-10-29 Published:2011-10-20
Contact: YANG Ming-hour (杨明豪) E-mail: mhyang@cycu.edu.tw

摘要/Abstract

摘要： Abstract: This paper aims at analyzing the security issues that lie in the
application layer (AL) protocols when users connect to the Internet via a
wireless local area network (WLAN) through an access point. When adversaries
launch deauthentication flood attacks cutting users' connection,
the connection managers will automatically re-search the last access point's
extended service set identifier (ESSID) and then re-establish connection.
However, such re-connection can lead the users to a fake access point with
the same ESSID set by attackers. As the attackers hide behind users' access
points, they can pass AL's authentication and security schemes, e.g. secure
socket layer (SSL). We have proved that they can even spy on users' account
details, passwords, data and privacy.

关键词: man-in-the-middle (MITM) attacks, session hijacking, wireless
local area network (WLAN)

Abstract: Abstract: This paper aims at analyzing the security issues that lie in the
application layer (AL) protocols when users connect to the Internet via a
wireless local area network (WLAN) through an access point. When adversaries
launch deauthentication flood attacks cutting users' connection,
the connection managers will automatically re-search the last access point's
extended service set identifier (ESSID) and then re-establish connection.
However, such re-connection can lead the users to a fake access point with
the same ESSID set by attackers. As the attackers hide behind users' access
points, they can pass AL's authentication and security schemes, e.g. secure
socket layer (SSL). We have proved that they can even spy on users' account
details, passwords, data and privacy.

Key words: man-in-the-middle (MITM) attacks, session hijacking, wireless
local area network (WLAN)

中图分类号:

TP 393.1

YANG Ming-hour (杨明豪). Security Analysis of Application Layer Protocols on Wireless Local Area
Networks[J]. 上海交通大学学报（英文版）, 2011, 16(5): 586-592.

YANG Ming-hour (杨明豪). Security Analysis of Application Layer Protocols on Wireless Local Area
Networks[J]. Journal of shanghai Jiaotong University (Science), 2011, 16(5): 586-592.

参考文献

1 Nessus. Tenable passive vulnerability scanner [EB/OL]. (2011-2-9).

http://www.nessus.org/pro\-ducts/tenable-passive-vulnerability-scanner.
2 Gorden A L, Loeb P M, Lucyshyn M, et al. Computer crime and security survey [R]. USA: CSI/FBI, 2006.
3 NIST SP800-48, Wireless network security: 802.11, bluetooth, and handheld devices [S].
4 GAO. Information security: Federal agencies need to improve controls over wireless networks [R]. USA: Government Accountability Office, 2005.
5 Shieh Shiuh-pyng. Security and privacy on wireless networks [J]. Science Monthly, 2005, 36(2): 444-447 (in Chinese).
6 Walker J. 802.11, security series part III: AES-based encapsulations of 802.11 data [EB/OL]. (2011-2-27). http://jcbserver.uwaterloo.ca/cs436/nandouts/ miscellaneous/Intel Wireless 3.pdf.
7 Cam-Winget C, Housley R, Wagner D, et al. Security flaws in 802.11 data link protocols [J]. Communications of the ACM, 2003, 46(5): 35-39.
8 Baek K H, Smith S W, Kotz D. A survey of WPA and 802.11i RSN authentication protocols [R]. USA: Dartmouth College Computer Science, 2004.
9 Chou Hung-Lin. Analysis of WPA security

[EB/OL]. (2011-3-5). http://lee-1.com/hlchou/WLANWPA. html.
10Wi-Fi Alliance. Wi-Fi is everywhere [EB/OL]. (2011-4-10).

http://www.wifialliance.org/OpenSection/pdf/ WPA_NI_2003-Pres.pdf.
11 Takahashi T. WPA passive dictionary attack overview (white paper) [R]. USA: Georgia Tech Information Security Center, 2004.
12 Wireless NewsFactor. Wireless 'smart glass' knows when you need a

drink [EB/OL]. (2011-3-14).

http://www.wirelessnewsfactor.com/perl/story/17133. html.
13WNN Wi-Fi Net. Weakness in passphrase choice in WPA interface [EB/OL]. (2011-1-18). http:// wifinetnews.com/archives/002452.html.
14 NIST. National vulnerability database [EB/OL]. (2011-1-14). http://nvd.nist.gov.

...

Security Analysis of Application Layer Protocols on Wireless Local Area
Networks

Security Analysis of Application Layer Protocols on Wireless Local Area
Networks

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价

Security Analysis of Application Layer Protocols on Wireless Local Area Networks

Security Analysis of Application Layer Protocols on Wireless Local Area Networks

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价

Security Analysis of Application Layer Protocols on Wireless Local Area
Networks

Security Analysis of Application Layer Protocols on Wireless Local Area
Networks