AUTHENTICATION METHOD WPA/WPA2 KEY PARAMETERS’ DEFINITION FOR IEEE 802.11 BASED HONEYPOT

R. I. Banakh

Abstract


Context. An issue of correct configuration of honeypots is still opened, especially it is about honeypots that simulate wireless networks
as their clients are mobile and zone of control is not limited. Wrong configuration of honeypot may become its usage disinterested inside
automated system especially it is applicable to honeypots for IEEE 802.11 wireless networks. Honeypot with open (no authentication)
method or with low security may be suspicious for experienced attacker otherwise, it become easy prey for attackers whose goal is just access
to Internet. On the other hand, usage of honeypot with strong security level make no sense as well, as this model will become unconquerable
for attackers. Most protected access points use authentication method WPA2, usage of which may assure attacker that he/she attacks legitimate system.
Objective. The goal of the researching work is to develop diagnostic model for honeypots in IEEE 802.11 wireless networks, which is
conditionally secured by authentication method WPA/WPA2. Proposed model can help to assess possibility to leverage known WPA vulnerabilities by attacker on access point with given configuration.
Method. An evaluation method of attacker’s qualification and its technical set of equipment in way of WPA/WPA2 encryption key
selection for wireless honeypot is offered. Implementation of this method allows to reach load reduction on honeypot what will provide an
illusion of system authenticity for attacker. Method of distributed brute force attack on authentication method WPA/WPA2 that provides
diagnostic of Wi-Fi honeypot for encryption key resistance is offered. A Comparison between hardware virtualization and OS-level virtualization
is provided under the identical conditions in scope of WPA2 handshake brute force task.
Results. Optimal conditions for providing brute force attack in virtual environment are obtained, what can give possibility to quickly
assess security level honeypot. This information can be used to understand how qualified attacker should be.
Conclusions. A method of key perseverance assessment for authentication method WPA/WPA2 in IEEE 802.11 wireless network is
proposed, for interaction with attacker with needed qualification level and computing resources. A method of IEEE 802.11 wireless networks
security assessment using Analytics Hierarchy Process got further development. The scalable environment for honeypots assessment providing is offered. The method of wordlist generation and rotation that are delivered to assessment system is proposed, what can help to exclude key reduplication what in its turn will help to speedup of assessment results.

Keywords


IEEE 802.11; Wi-Fi; honeypot; security assessment; analytic hierarchy process.

References


Lijuan Z., Qingxin W. A Network Security Evaluation Method

based on FUZZY and RST, 2010 2nd International Conference

on Education Technology and Computer (ICETC), 22–24 June

: proceedings. Shanghai, China, IEEE, 2010, pp. 40–44.

Runfu Z., Lianfen H., Mingbo X. Security for Wireless Network

Based on Fuzzy-AHP with Variable Weight, 2010 Second

International Conference on Networks Security, Wireless

Communications and Trusted Computing, 24–25 April 2010 :

proceedings. Wuhan, Hubei, China, IEEE, 2010, Vol. 2, pp. 490–

Ying-Chiang C., Jen-Yi P. Hybrid Network Defense Model Based

on Fuzzy Evaluation, The Scientific World Journal, 2014, Vol.

, pp. 1–12.

Goel R., Sardana A., Joshi R. C. Wireless Honeypot: Framework,

Architectures and Tools, International Journal of Network Security,

, Vol. 15, No. 5, pp. 373–383.

Dudykevych V. B., Piskozub A. Z., Tymoshyk N. P., Tymoshyk

R. P., Dutkevych T. V. Metody ta zasoby analizu systemprymanok

v procesi zlamu, Naukovo-tehnichnyui zhurnal «Zahyst

informatsii», 2009, No. 1, pp. 27–31.

Ajah I. A. Evaluation of Enhanced Security Solutions in 802.11-

Based Networks, International Journal of Network Security & Its

Applications (IJNSA), 2014, Vol. 6, No. 4, pp. 29–42.

Banakh R., Piskozub A., Stefinko Y. External elements of honeypot

for wireless network, Modern Problems of Radio Engineering,

Telecommunications, and Computer Science, Proceedings of the

XIIIth International Conference TCSET’2016. 23–26 February

: proceedings. Lviv-Slavsko, Ukraine, Lviv Publishing House

of Lviv Polytechnic, 2016, pp. 480–482.

Banakh R. Wi-Fi Honeypot as a service. Conception of business

model, Engineer of XXI century : VI inter university conference

of students, PHD students and young scientists, 02 December

: proceedings. Bielsko-Biała, Poland : dr inż. Jacek

Rysiński, 2016, pp. 59–64.

Morabito R., Kj llman J., Komu M. Hypervisors vs. Lightweight

Virtualization: a Performance Comparison, 2015 IEEE

International Conference on Cloud Engineering: First

International Workshop on Container Technologies and Container

Clouds, 19 March 2015: proceedings. Tempe, Arizona, IC2E,

, pp. 386–393.


GOST Style Citations


1. Lijuan Z. A Network Security Evaluation Method based on FUZZY and RST / Z. Lijuan, W. Qingxin // 2010 2nd International Conference on Education Technology and Computer (ICETC). 22–24 June 2010 : proceedings. – Shanghai, China : IEEE, 2010, P. 40–44.
2. Runfu Z. Security for Wireless Network Based on Fuzzy-AHP
with Variable Weight / Z. Runfu, H. Lianfen, X. Mingbo // 2010
Second International Conference on Networks Security, Wireless Communications and Trusted Computing, 24–25 April 2010 : proceedings. – Wuhan, Hubei, China : IEEE, 2010. Vol. 2. – P. 490–493.
3. Ying-Chiang C. Hybrid Network Defense Model Based on Fuzzy Evaluation / C. Ying-Chiang, P Jen-Yi // The Scientific World Journal, 2014. – Vol. 2014. – P. 1-12.
4. Goel R. Wireless Honeypot: Framework, Architectures and Tools / R. Goel, A. Sardana, R. C. Joshi // International Journal of Network Security, 2013. – Vol. 15, No. 5. – P. 373–383.
5. Методи та засоби аналізу систем-приманок в процесі зламу / [В. Б. Дудикевич, А. З. Піскозуб, Н. П. Тимошик и др.] //Науково-технічний журнал «Захист інформації». – 2009. – № 1. – С. 27–31.
6. Ajah I. A. Evaluation of Enhanced Security Solutions in 802.11- Based Networks / I. A. Ajah // International Journal of Network Security & Its Applications (IJNSA). – 2014. – Vol. 6, No. 4. – P. 29–42.
7. Banakh R. External elements of honeypot for wireless network / R. Banakh, A. Piskozub, Y. Stefinko // Modern Problems of Radio Engineering, Telecommunications, and Computer Science: Proceedings of the XIIIth International Conference TCSET’2016. 23–26 February 2016 : proceedings. – Lviv-Slavsko, Ukraine : Lviv Publishing House of Lviv Polytechnic, 2016. – P. 480–482.
8. Banakh. R. Wi-Fi Honeypot as a service. Conception of business model / R. Banakh // Engineer of XXI century : VI inter university conference of students, PHD students and young scientists, 02 December 2016 : proceedings. – Bielsko-Biała, Poland : dr inż. Jacek Rysiński, 2016. – P. 59–64.
9. Morabito R. Hypervisors vs. Lightweight Virtualization: a
Performance Comparison / R. Morabito, J. Kj llman, M. Komu
// 2015 IEEE International Conference on Cloud Engineering:
First International Workshop on Container Technologies and
Container Clouds, 19 March 2015: proceedings. – Tempe, Arizona : IC2E, 2015. – P. 386–393.




DOI: https://doi.org/10.15588/1607-3274-2018-1-13



Copyright (c) 2018 R. I. Banakh

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Address of the journal editorial office:
Editorial office of the journal «Radio Electronics, Computer Science, Control»,
Zaporizhzhya National Technical University, 
Zhukovskiy street, 64, Zaporizhzhya, 69063, Ukraine. 
Telephone: +38-061-769-82-96 – the Editing and Publishing Department.
E-mail: rvv@zntu.edu.ua

The reference to the journal is obligatory in the cases of complete or partial use of its materials.