AUTHENTICATION METHOD WPA/WPA2 KEY PARAMETERS’ DEFINITION FOR IEEE 802.11 BASED HONEYPOT
as their clients are mobile and zone of control is not limited. Wrong configuration of honeypot may become its usage disinterested inside
automated system especially it is applicable to honeypots for IEEE 802.11 wireless networks. Honeypot with open (no authentication)
method or with low security may be suspicious for experienced attacker otherwise, it become easy prey for attackers whose goal is just access
to Internet. On the other hand, usage of honeypot with strong security level make no sense as well, as this model will become unconquerable
for attackers. Most protected access points use authentication method WPA2, usage of which may assure attacker that he/she attacks legitimate system.
Objective. The goal of the researching work is to develop diagnostic model for honeypots in IEEE 802.11 wireless networks, which is
conditionally secured by authentication method WPA/WPA2. Proposed model can help to assess possibility to leverage known WPA vulnerabilities by attacker on access point with given configuration.
Method. An evaluation method of attacker’s qualification and its technical set of equipment in way of WPA/WPA2 encryption key
selection for wireless honeypot is offered. Implementation of this method allows to reach load reduction on honeypot what will provide an
illusion of system authenticity for attacker. Method of distributed brute force attack on authentication method WPA/WPA2 that provides
diagnostic of Wi-Fi honeypot for encryption key resistance is offered. A Comparison between hardware virtualization and OS-level virtualization
is provided under the identical conditions in scope of WPA2 handshake brute force task.
Results. Optimal conditions for providing brute force attack in virtual environment are obtained, what can give possibility to quickly
assess security level honeypot. This information can be used to understand how qualified attacker should be.
Conclusions. A method of key perseverance assessment for authentication method WPA/WPA2 in IEEE 802.11 wireless network is
proposed, for interaction with attacker with needed qualification level and computing resources. A method of IEEE 802.11 wireless networks
security assessment using Analytics Hierarchy Process got further development. The scalable environment for honeypots assessment providing is offered. The method of wordlist generation and rotation that are delivered to assessment system is proposed, what can help to exclude key reduplication what in its turn will help to speedup of assessment results.
Full Text:PDF (Українська)
Lijuan Z., Qingxin W. A Network Security Evaluation Method
based on FUZZY and RST, 2010 2nd International Conference
on Education Technology and Computer (ICETC), 22–24 June
: proceedings. Shanghai, China, IEEE, 2010, pp. 40–44.
Runfu Z., Lianfen H., Mingbo X. Security for Wireless Network
Based on Fuzzy-AHP with Variable Weight, 2010 Second
International Conference on Networks Security, Wireless
Communications and Trusted Computing, 24–25 April 2010 :
proceedings. Wuhan, Hubei, China, IEEE, 2010, Vol. 2, pp. 490–
Ying-Chiang C., Jen-Yi P. Hybrid Network Defense Model Based
on Fuzzy Evaluation, The Scientific World Journal, 2014, Vol.
, pp. 1–12.
Goel R., Sardana A., Joshi R. C. Wireless Honeypot: Framework,
Architectures and Tools, International Journal of Network Security,
, Vol. 15, No. 5, pp. 373–383.
Dudykevych V. B., Piskozub A. Z., Tymoshyk N. P., Tymoshyk
R. P., Dutkevych T. V. Metody ta zasoby analizu systemprymanok
v procesi zlamu, Naukovo-tehnichnyui zhurnal «Zahyst
informatsii», 2009, No. 1, pp. 27–31.
Ajah I. A. Evaluation of Enhanced Security Solutions in 802.11-
Based Networks, International Journal of Network Security & Its
Applications (IJNSA), 2014, Vol. 6, No. 4, pp. 29–42.
Banakh R., Piskozub A., Stefinko Y. External elements of honeypot
for wireless network, Modern Problems of Radio Engineering,
Telecommunications, and Computer Science, Proceedings of the
XIIIth International Conference TCSET’2016. 23–26 February
: proceedings. Lviv-Slavsko, Ukraine, Lviv Publishing House
of Lviv Polytechnic, 2016, pp. 480–482.
Banakh R. Wi-Fi Honeypot as a service. Conception of business
model, Engineer of XXI century : VI inter university conference
of students, PHD students and young scientists, 02 December
: proceedings. Bielsko-Biała, Poland : dr inż. Jacek
Rysiński, 2016, pp. 59–64.
Morabito R., Kj llman J., Komu M. Hypervisors vs. Lightweight
Virtualization: a Performance Comparison, 2015 IEEE
International Conference on Cloud Engineering: First
International Workshop on Container Technologies and Container
Clouds, 19 March 2015: proceedings. Tempe, Arizona, IC2E,
, pp. 386–393.
GOST Style Citations
2. Runfu Z. Security for Wireless Network Based on Fuzzy-AHP
with Variable Weight / Z. Runfu, H. Lianfen, X. Mingbo // 2010
Second International Conference on Networks Security, Wireless Communications and Trusted Computing, 24–25 April 2010 : proceedings. – Wuhan, Hubei, China : IEEE, 2010. Vol. 2. – P. 490–493.
3. Ying-Chiang C. Hybrid Network Defense Model Based on Fuzzy Evaluation / C. Ying-Chiang, P Jen-Yi // The Scientific World Journal, 2014. – Vol. 2014. – P. 1-12.
4. Goel R. Wireless Honeypot: Framework, Architectures and Tools / R. Goel, A. Sardana, R. C. Joshi // International Journal of Network Security, 2013. – Vol. 15, No. 5. – P. 373–383.
5. Методи та засоби аналізу систем-приманок в процесі зламу / [В. Б. Дудикевич, А. З. Піскозуб, Н. П. Тимошик и др.] //Науково-технічний журнал «Захист інформації». – 2009. – № 1. – С. 27–31.
6. Ajah I. A. Evaluation of Enhanced Security Solutions in 802.11- Based Networks / I. A. Ajah // International Journal of Network Security & Its Applications (IJNSA). – 2014. – Vol. 6, No. 4. – P. 29–42.
7. Banakh R. External elements of honeypot for wireless network / R. Banakh, A. Piskozub, Y. Stefinko // Modern Problems of Radio Engineering, Telecommunications, and Computer Science: Proceedings of the XIIIth International Conference TCSET’2016. 23–26 February 2016 : proceedings. – Lviv-Slavsko, Ukraine : Lviv Publishing House of Lviv Polytechnic, 2016. – P. 480–482.
8. Banakh. R. Wi-Fi Honeypot as a service. Conception of business model / R. Banakh // Engineer of XXI century : VI inter university conference of students, PHD students and young scientists, 02 December 2016 : proceedings. – Bielsko-Biała, Poland : dr inż. Jacek Rysiński, 2016. – P. 59–64.
9. Morabito R. Hypervisors vs. Lightweight Virtualization: a
Performance Comparison / R. Morabito, J. Kj llman, M. Komu
// 2015 IEEE International Conference on Cloud Engineering:
First International Workshop on Container Technologies and
Container Clouds, 19 March 2015: proceedings. – Tempe, Arizona : IC2E, 2015. – P. 386–393.
Copyright (c) 2018 R. I. Banakh
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Address of the journal editorial office:
Editorial office of the journal «Radio Electronics, Computer Science, Control»,
Zaporizhzhya National Technical University,
Zhukovskiy street, 64, Zaporizhzhya, 69063, Ukraine.
Telephone: +38-061-769-82-96 – the Editing and Publishing Department.
The reference to the journal is obligatory in the cases of complete or partial use of its materials.