AUTHENTICATION METHOD WPA/WPA2 KEY PARAMETERS’ DEFINITION FOR IEEE 802.11 BASED HONEYPOT

Authors

  • R. I. Banakh Lviv Polytechnic National University, Lviv, Ukraine, Ukraine

DOI:

https://doi.org/10.15588/1607-3274-2018-1-13

Keywords:

IEEE 802.11, Wi-Fi, honeypot, security assessment, analytic hierarchy process.

Abstract

Context. An issue of correct configuration of honeypots is still opened, especially it is about honeypots that simulate wireless networks
as their clients are mobile and zone of control is not limited. Wrong configuration of honeypot may become its usage disinterested inside
automated system especially it is applicable to honeypots for IEEE 802.11 wireless networks. Honeypot with open (no authentication)
method or with low security may be suspicious for experienced attacker otherwise, it become easy prey for attackers whose goal is just access
to Internet. On the other hand, usage of honeypot with strong security level make no sense as well, as this model will become unconquerable
for attackers. Most protected access points use authentication method WPA2, usage of which may assure attacker that he/she attacks legitimate system.
Objective. The goal of the researching work is to develop diagnostic model for honeypots in IEEE 802.11 wireless networks, which is
conditionally secured by authentication method WPA/WPA2. Proposed model can help to assess possibility to leverage known WPA vulnerabilities by attacker on access point with given configuration.
Method. An evaluation method of attacker’s qualification and its technical set of equipment in way of WPA/WPA2 encryption key
selection for wireless honeypot is offered. Implementation of this method allows to reach load reduction on honeypot what will provide an
illusion of system authenticity for attacker. Method of distributed brute force attack on authentication method WPA/WPA2 that provides
diagnostic of Wi-Fi honeypot for encryption key resistance is offered. A Comparison between hardware virtualization and OS-level virtualization
is provided under the identical conditions in scope of WPA2 handshake brute force task.
Results. Optimal conditions for providing brute force attack in virtual environment are obtained, what can give possibility to quickly
assess security level honeypot. This information can be used to understand how qualified attacker should be.
Conclusions. A method of key perseverance assessment for authentication method WPA/WPA2 in IEEE 802.11 wireless network is
proposed, for interaction with attacker with needed qualification level and computing resources. A method of IEEE 802.11 wireless networks
security assessment using Analytics Hierarchy Process got further development. The scalable environment for honeypots assessment providing is offered. The method of wordlist generation and rotation that are delivered to assessment system is proposed, what can help to exclude key reduplication what in its turn will help to speedup of assessment results.

References

Lijuan Z., Qingxin W. A Network Security Evaluation Method

based on FUZZY and RST, 2010 2nd International Conference

on Education Technology and Computer (ICETC), 22–24 June

: proceedings. Shanghai, China, IEEE, 2010, pp. 40–44.

Runfu Z., Lianfen H., Mingbo X. Security for Wireless Network

Based on Fuzzy-AHP with Variable Weight, 2010 Second

International Conference on Networks Security, Wireless

Communications and Trusted Computing, 24–25 April 2010 :

proceedings. Wuhan, Hubei, China, IEEE, 2010, Vol. 2, pp. 490–

Ying-Chiang C., Jen-Yi P. Hybrid Network Defense Model Based

on Fuzzy Evaluation, The Scientific World Journal, 2014, Vol.

, pp. 1–12.

Goel R., Sardana A., Joshi R. C. Wireless Honeypot: Framework,

Architectures and Tools, International Journal of Network Security,

, Vol. 15, No. 5, pp. 373–383.

Dudykevych V. B., Piskozub A. Z., Tymoshyk N. P., Tymoshyk

R. P., Dutkevych T. V. Metody ta zasoby analizu systemprymanok

v procesi zlamu, Naukovo-tehnichnyui zhurnal «Zahyst

informatsii», 2009, No. 1, pp. 27–31.

Ajah I. A. Evaluation of Enhanced Security Solutions in 802.11-

Based Networks, International Journal of Network Security & Its

Applications (IJNSA), 2014, Vol. 6, No. 4, pp. 29–42.

Banakh R., Piskozub A., Stefinko Y. External elements of honeypot

for wireless network, Modern Problems of Radio Engineering,

Telecommunications, and Computer Science, Proceedings of the

XIIIth International Conference TCSET’2016. 23–26 February

: proceedings. Lviv-Slavsko, Ukraine, Lviv Publishing House

of Lviv Polytechnic, 2016, pp. 480–482.

Banakh R. Wi-Fi Honeypot as a service. Conception of business

model, Engineer of XXI century : VI inter university conference

of students, PHD students and young scientists, 02 December

: proceedings. Bielsko-Biała, Poland : dr inż. Jacek

Rysiński, 2016, pp. 59–64.

Morabito R., Kj llman J., Komu M. Hypervisors vs. Lightweight

Virtualization: a Performance Comparison, 2015 IEEE

International Conference on Cloud Engineering: First

International Workshop on Container Technologies and Container

Clouds, 19 March 2015: proceedings. Tempe, Arizona, IC2E,

, pp. 386–393.

Downloads

How to Cite

Banakh, R. I. (2018). AUTHENTICATION METHOD WPA/WPA2 KEY PARAMETERS’ DEFINITION FOR IEEE 802.11 BASED HONEYPOT. Radio Electronics, Computer Science, Control, (1), 110–118. https://doi.org/10.15588/1607-3274-2018-1-13

Issue

No. 1 (2018): Radio Electronics, Computer Science, Control

Section

Progressive information technologies

License

Copyright (c) 2018 R. I. Banakh

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Creative Commons Licensing Notifications in the Copyright Notices

The journal allows the authors to hold the copyright without restrictions and to retain publishing rights without restrictions.

The journal allows readers to read, download, copy, distribute, print, search, or link to the full texts of its articles.

The journal allows to reuse and remixing of its content, in accordance with a Creative Commons license СС BY -SA.

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License CC BY-SA that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.