A lightweight solution for defending against deauthent - PDF document

Alightweightsolutionfordefendingagainstdeauthentication/disassociationattackson802.11networksThucD.NguyenyDucH.M.NguyenyBaoN.TranyHaiVu?NeerajMittal?yVietnamNationalUniversity,HochiminhCity,Vietnam?UniversityofTexasatDallas,Richardson,TX,USAAbstractInthispaperweinvestigateaspecialtypeofdenialofservice(DoS)attackon802.11-basednetworks,namelydeauthentication/disassociationattack.InthecurrentIEEE802.11standards,wheneverawirelessstationwantstoleavethenetwork,itsendsadeauthenticationordisasso-ciationframetotheaccesspoint.Thesetwoframes,how-ever,aresentunencryptedandarenotauthenticatedbytheaccesspoint.Therefore,anattackercanlaunchaDoSat-tackbyspoongthesemessagesandthusdisablingthecom-municationbetweenthesewirelessdevicesandtheiraccesspoint.Weproposeanefcientsolutionbasedonaonewayhardfunctiontoverifythatadeauthenticationframeisfromalegitimatestation.Weimplementoursolutiononsome802.11devicesandtheexperimentalresultsshowthatourprotocolishighlyeffectiveagainstthisDoSattack.Keywords:802.11networks,Deauthentication,Disas-sociation,DoSattacks,Wirelesssecurity1.IntroductionIEEE802.11-basednetworkshavebeenverysuccessfulbecausetheyonlyrequireinexpensivehardwaredevicesop-eratingonfreespectrumwithlowcostdeployment.Duetotheirpopularity,802.11networkshavebeenthetargetforalargenumberofattacks.Researchersandindustrialcom-panieshavebeentryingtoxthevulnerabilitiesin802.11networksbyproposinganumberofprotocolsandstandards(suchasWEP,WPA,EAP,802.11i,802.1x).However,someawsarestillnotaddressedbyanyoftheseprotocols,oneofwhichisthedeauthentication/disassociationattackdescribedasfollows.802.11networkscanoperateinad-hocmodeorinfras-tructuremode.Inthispaperweareonlyconcernedwith802.11networksoperatingininfrastructuremode,inwhichawirelessclient(inthispaperweusetheterm“client”and“station”interchangeably)needstoassociatewithanac-cesspoint(AP),beforedatamessagescanbefurtherex-changed.BeforeassociatingwiththeAP,theclientneedstoauthenticateitselftotheAP.Ifastation(STA)wantstodisassociatewithanAP,itsendsadisassociationframetothatAP.Incasethestationwantstogracefullyleavethenetwork,itsendsadeauthenticationframetotheAP.Sim-ilarly,whentheAPwantstodisconnectaclient,itsendsadisassociationframetothatclient.IncasetheAPwantstodisassociatewithalltheSTAs(forinstance,itrebootsbe-foreupgradingthermware),itbroadcaststhedisassocia-tionframetoallclients.However,thecurrentdescriptionof802.11standardsspeciesthatthedeauthenticationframeandthedisassociationframenotbeauthenticated.Becausethedeauthenticationanddisassociationframesareunen-cryptedandunauthenticated,anattackercaneasilyspooftheseframes(byspoongtheMACaddressoftheclientortheAP)therebydisconnectingtheclientfromtheAP,effectivelylaunchingaDoSattack.Eventhoughthedeau-thenticationframeandthedisassociationframearesimilar,spoongthedeauthenticationframeismoreeffectivesinceitrequirestheSTAsandtheAPtoperformtheauthentica-tionagaininordertoresumetheconnectivity.OnetrivialsolutiontothisvulnerabilityistomodifytheauthenticationframeworksuchthattheAPandSTAscouldauthenticateallthemanagementmessagesin802.11networks,includingthedeauthentication/disassociationframes.However,thissolutionhastwoproblems.First,millionsoflegacydevicesthathavealreadybeendeployedmaynotbeabletosupporttherequiredcryptographicprim-itivestomutuallyauthenticatethemanagementframes[15].Second,authenticatingallmanagementframesmayleadtoanewDoSattackinwhichtheattackeroodstheAPwithalargenumberofspoofedmanagementframes,depletingthecomputationresourcesoftheAP.Thus,alightweightandefcientsolutionfordefendingagainstdeauthentica-tion/disassociationattacksisdesirable.Inthispaperwepresentanewprotocolbasedonaonewayhardfunctiontodefendagainstthedeauthenti-cation/disassociationattacks,whichwenowrefertoas“Farewellattack”.Oursolutiondoesnotrequirelegacyde- vicestosupportnewcryptographicprimitives,thusitcanbewidelydeployedasanextensiontothecurrent802.11standards.Therestofthepaperisorganizedasfollows.InSection2wediscussindetailhowFarewellattackislaunchedandexistingsolutionstodefendagainstit.Wepresentoursolu-tionfordefendingagainstaFarewellattackinSection3.InSection4,weshowthatoursolutioncaneffectivelydefendagainsttheFarewellattacks.Finally,weconcludethepaperinSection5.2.Farewellattacksandrelatedwork2.1.FarewellattacksIn[14],Aslametal.describeanassociationprocessasathreestepsprocesswithfourstates:1.Unauthenticatedandunassociated2.Authenticatedandunassociated3.Authenticatedandassociated4.Authenticated,associatedand802.1xauthenticatedInitiallybothclientandAPareinstate1.Inordertojoinanetwork,aclientscansallthechannelstondanAP.AfteridentifyingthepreferredAP,theclientandtheAPperformmutualauthenticationbyexchangingseveralmes-sages.TheycaneitheruseOpenAuthenticationorSharedKeyAuthentication[13].InOpenAuthentication,thesys-temauthenticatesanyonewhorequeststojointhenetwork.InSharedKeyAuthentication,asecretkeyissharedbe-tweentheclientandtheAP.TheclientandAPgothroughasequenceofchallenge-responseinwhichthemessagemaybeencryptedwith“WEP”usingthesharedkey.Uponcom-pletionoftheauthentication,bothclientandAPmovetostate2.Instate2,theclientassociatetotheAPandbothofthemtransittostate3.Instate3,theclientcannowsenddatapacketstotheAP.However,ifthe802.1xprotocolissupported,thenthe802.1xauthenticationmessageswillbeexchangedbetweentheclientandtheAP.Onsuccess-fullynishing802.1xauthentication,boththeclientandAPmovetostate4.Notethat,onreceivingadisassociationmessagethestatemachineoftheclientandAPmovebacktostate2nomatterwheretheywereinstate4orstate3.Similarly,onreceiv-ingadeauthenticationmessage,thestatemachinestransittostate1.Onreceivingthedisassociationanddeauthenti-cationframe,theclientandAPclearstherelevantstatesandkeysinthememory.Thedeauthenticationanddisassocia-tionframesareunauthenticatedandunencrypted,thusaresourcesofpersistentawsin802.11networks.Asexplainedabove,tobreakthecommunicationbe-tweentheclientsandtheirAP,anattackercansimplysendoutaspoofeddeauthenticationordisassociationframe.ThereareanumberoftoolsthatenableanattackertospoofthesourceMACaddressofanydevice,suchas:Spoof-MAC[9],Airsnarf[2],MACChanger[7].NotethatiftheattackerspoofsadeauthenticationoradisassociationframeoftheAPwithabroadcastdestinationMACaddress,theneffectivelyallclientsassociatedtotheAPwillbediscon-nected.TheFarewellattackissimplebutcancauseseriousdam-age,becausetheattackercanstopthecommunicationusingonlylimitedresourceswithoutrequiringanyspecialtech-nicalskill.Theattackerevendoesnotneedtobreaktheauthenticationprotocolortoobtainsharedsecretkeysbe-tweentheSTAsandtheAP.Iftheattackersendsadisassoci-ationframe,thevictimclientsmustsetupanewassociationsessionwiththeAP.Iftheattackersendsadeauthentica-tionframe,thevictimSTAsmustperformanewauthenti-cationsessionwiththeAPinordertoresumeconnectivity.In[15],Bellardoetal.implementtheattacksandshowthatthisattackissimpleandeffective.Atthemoment,anum-beroftoolssuchasAirjack[1],KisMAC[5],Void11[10],WLAN-jack[11],FATA-jack[4],CommView[3]canbeusedtolaunchFarewellattack.2.2.RelatedworkThereareanumberofsolutionsthathavebeenproposedtodefendagainstFarewellattack,assummarizedin[14,17].Someoftheimportantsolutionsarediscussedbelow:Approach:eliminatingthedeauthenticationanddisas-sociationframes,orenqueueingthemforaxintervaloftime(forinstance,10seconds)[15].Issues:theremaybeaperiodoftimewhereaSTAassociateswithmultipleAPsconcurrently,whichmaycauserouting/handoffproblems[14,17].Approach:usingReverseAddressResolutionProtocol(RARP)todetectspoofedframes[16].Issues:theattackersmayspooftheIPaddressoftheclienttobreaktheRARP.Moreover,thesolutiondoesnotworkifmultipleIPaddressesareassignedtothesamenetworkcard[14,17].Approach:detectingspoofedframesbasedonframesequencenumber[22,12,18,23].Issues:ifthesequencenumberareassigneddetermin-istically,theattackermaysnifftheframessentbytheclienttopredictthesequencenumberofthenextframe[14,17].Approach:developingalightweightauthenticationprotocolformanagementframes,suchasusing1bitforauthentication[19,21].Issues:errorsinwirelessmediummaybreaktheau-thentication,andtheprobabilityofanattackertoguesstheauthenticationbitcorrectlyishigh(50%)[14,17]. Approach:modifyingthecurrentauthenticationframeworktoauthenticatedeauthenticationanddisas-sociationframes.Issues:thisrequirestheclientstobeabletosup-portthemodiedauthenticationframework.Thisisnotpossibleformillionsoflegacydevicesthatcannotsupportcryptographicprimitivesrequiredbytheau-thenticationframework[15].Moreover,iftheframe-workincludesacentralizedauthenticationserverlikein802.1x,thenthissolutionsuffersfromthesinglepointoffailureproblemandDoSattacksontheserver,whichhastoprocessalargenumberofdeauthentica-tionframesoodedbytheattacker[14,17].Wedevelopalightweightschemeforauthenticatingthemanagementframes.However,insteadofusingsequencenumber,weuseaonewayfunction,thusourschemeiscomputationallyinfeasibletobreak.ThatmeansonlythemanagementframessendbylegitimateSTAsandAPsareaccepted.Ourschemedoesnotdependonadvancecrypto-graphicprimitives,thusall802.11devicescanimplementoursolutionviarmwareupgrade.3.Solutiontodeauthentication/disassociationattacks3.1.Letter-envelopprotocolInthispaperweproposealightweightauthenticationprotocol,whichwecall“Letter-envelop”protocol,thatcandefendagainsttheFarewellattack.Theprotocolworksbasedonthe“factorizationproblem”,whichisknowntobeonewayhard:givenalargenumberN=pq(wherepandqaretwolargeprimenumbers),itiscomputationallyinfeasibletocomputepandq.However,givenpandq,itiseasytocomputeN.The“Letter-envelop”protocolisasfollows:Initially,theclientrandomlygeneratesprimesp1andq1,thencomputesN1=p1q1.Similarly,theAPgeneratesp2;q2andcomputesN2=p2q2.DuringtheauthenticationprocessbetweentheclientandtheAP,theclientsendsan“envelop”thatcontainsN1totheAP,andAPsendsan“envelop”containingN2totheclient.WhentheclientwantstodisconnectfromtheAP,itsendseitherthedeauthenticationorthedisassociationframetotheAP,togetherwithp1totheAP;wecallthisnumber“letter”.Ifthis“letter”correspondstothe“envelop”previouslysent,i.e.p1jN1(p1dividesN1)thentheframeisauthenticatedandwillbeprocessedaccordingly.Otherwise,theframeisrejected.Similarly,iftheAPwantstodisconnectfromtheclient,itsendsthedisassociation/deauthenticationframetogetherwithp2.TheSTAdisconnectsitselffromtheAPifp2jN2.The“Letter-envelop”protocolworksbecause:–Sincepandqaretwolargeprimes,eventhoughtheattackercanobtainN,itisdifcultforhertocorrectly“guess”p.Thisisbecausetheat-tackermustsolvethehard“factorization”prob-lem,whichisintractable.Spoongpwilleasilybedetected,sincethedivisionoperationN=pcanbeefcientlyperformedbythelegitimateAPandSTA.–SincethefactorizationofNisuniqueprovidedpandqareprimes(meaningthattheredoesnotexistapair(p0;q0)=(p;q)suchthatp0q0=pq=N),onlytheclientorAPwhogeneratedthe“envelop”Ncanprovethattheyarethelegitimateownerofthe“letter”p,andthuscansendthelegitimatedeauthentica-tion/disassociationframe.3.2.ImplementationofLetter-enveloppro-tocolIn802.11standards,theassociationsessionfollowstheauthentication(Figure1(a)).WemodifytheassociationprocesssuchthattheclientandtheAPcanauthenticateeachotherwhenevertheyreceiveadeauthenticationordisasso-ciationframe.Themodiedassociationsession(Figure1(b))isasfol-lows:Aftertheauthenticationisnished,theclientrandomlygeneratestwolargeprimesnumberp1andq1,com-putesN1=p1q1andincludesN1intheAssocia-tionRequestframe(byputtingthenumberintheframebody)sendingtotheAP.OnreceivingtheAssociationRequestframe,theAPcheckswhethertheAssociationID(AID)oftheclientexistsinthememory.Therearetwocases:–Case1:iftheAIDdoesnotexist,thentheSTAhasnotbeenassociatedwiththeAP.TheAPthenstoresN1inthememorycorrespondingtotheclient'srecord.Ifthisistherstclientas-sociatingtotheAP,thentheAPrandomlygen-eratestwolargeprimesp2andq2,computesN2=p2q2andincludesitintheAssociationResponseframesendingtotheclient.IfthereareclientsalreadyassociatedtotheAP,thentheAPjustsendthevalueofN2thathasbeenpreviouslysenttootherclients.NotethattheAPjustneedsonevalueofN2foralltheSTAsassociatedto APClientConnection processAuthenticationAssociationData exchangeAPClientConnection processAuthenticationData exchangeN1APClientConnection processAuthenticationGenerate p1 and q1Compute Ni = pi * qiGenerate pi and qiN1Associationrequest(a) Original Association(b) Modified AssociationN1 = p1 * q1AssociationGenerate p1 and q1(Ni,N2)(c) Modified Association (special case)N2 = p2 * q2responseis already computed Figure1.Associationprotocolit.WhenevertheAPwantstodisconnectwithallSTAs,itjustneedstobroadcastasingledisasso-ciationframecontainingN2.–Case2:TheAIDdoesexist,thentheAPdiscardstheAssociationRequestframe.OnreceivingtheAssociationResponseframe,theclientstoresN2inthememorycorrespondingtotheAPitisassociatingwith.WhentheAPreceivesthedeauthenticationframeordisassociationframewithavalueof“letter”kfromaclient,itchecksinthememorythevaluesofN1corre-spondingtothatclient.IfkjN1thentheAPclearstheinformationrelatedtothatclientinthememory. Code Reason 0 Reserved 1 Unspeciedreason 2 Previousauthenticationnolongervalid 3 Deauthenticatedbecausesendingsta-tionisleaving(orhasleft)IBSSorESS 4 Disassociatedduetoinactivity 5 DisassociatedbecauseAPisunabletohandleallcurrentlyassociatedstations 6 Class2framereceivedfromnon-authenticatedstation 7 Class3framereceivedfromnon-associatedstation 8 Disassociatedbecausesendingstationisleaving(orhasleft)BSS 9 Stationrequesting(re)associationisnotauthenticatedwithrespondingstation 10-65535 Reserved Table1.Reasoncode802.11standardsdonotspecifyanyinformationexceptsourceanddestinationMACaddressestoverifytheman-agementframes,thusanattackercouldeasilylaunchtheFarewellattacktodisconnecttheclientfromtheAP.Withthemodiedassociationprotocol,theattackercannotdothatanymore.In802.11standards,thedeauthenticationframeandthedisassociationframeincludethereasoncodeintheframebody.Eachofthereasoncode(Table1)correspondstoasituationbecauseofwhichtheframeissent.WeconsidersituationswheretheclientwantstodisassociatefromtheAPandshowhowthenewassociationprotocolcaneffec-tivelydefendagainsttheFarewellattacks:1.Theclientisleaving(reasoncode=3or8)–Theclientsendadisassociationframethatin-cludesp1totheAP–TheAPlooksforthevalueofN1thatcorre-spondstotheclientintheAIDtable.Ifsuchvaluedoesnotexist,ignoretheframe.IfN1isfound,theAPchecksifp1jN1.Ifitdoes,thenacceptandprocessthedisassociationframe,oth-erwiseignoretheframe.Inthiscase,iftheattackerattempstospoofthedis-associationframeofalegitimateclient,sheneedstheMACaddressoftheclientaswellasthecorrectvalueofp1thattheclienthasusedtocomputeN1.TheMACaddresscanbesniffed,butp1cannotbeefcientlyguessed.ThusshecannotpretendtobeanlegitimateclienttodisassociatetheclientfromtheAP.2.TheAPgoesofine(reasoncode=3)–TheAPbroadcastsadisassociationframethatin-cludesthevalueofp2toallclientsinthenetwork.–Whenreceivingthisframe,theclientcheckswhetherp2jN2.Ifitdoes,thentheclientdisasso-ciateswiththeAP,otherwiseignoretheframe.SimilarlytothecasewheretheclientdisassociateswiththeAP,iftheattackerwantstodisconnecttheclients,sheneedstocorrectlyguessp2,whichisin-tractable.Thusthisattackcannotbeeasilylaunchedbytheattacker. 3.Reasoncode=2,6,7,9.InthiscasetheclienthasnotbeenauthenticatedorhasnotbeenassociatedwiththeAP,thustheframewillbeignored.4.Reasoncode=1(unspecied).Theframewillbeig-nored.5.Reasoncode=5(APcannothandleanymoreclient).Thisisaspecialcaseandrarelyhappensinreality.However,ifsupportingthissituationisdesirable,wesuggestthemodiedprotocolasfollows.Duringtheauthentication,eachclientreceivestwovaluesfromtheAP:N2isthecommonvaluewhichcanbeusedbytheAPtobroadcasttoallclientsincaseitgoesof-ine;andNi(i3)thatcanbeusedbytheAPtodisassociateeachindividualclient.IftheAPwantstodisassociateasingleclienttoreducethenetwork'sload,itsendsthevalueofpi(i3)correspondtothatclientonly.TheclientwillaccepttodisassociatewiththeAPifpijNi(i3),otherwiseitwillignoretheframe.ThemodiedAssociationprotocolisillustratedinFigure1(c).4.Experiments4.1.Farewellattacksoncommercial802.11devicesAsdescribedinSection2,therearemanytoolsthatcanbeusedtolaunchtheFarewellattacks,basedononeprinci-ple:usingthepacketgeneratortosendpacketstotheAPortheclient.WeuseCommViewforWi[3]forourexperi-ment,sinceitenablesustocapturetheframes,modifytheframeheaderaswellasgeneratenewframestolaunchtheattack.Wecontinuouslysenddeauthenticationanddisasso-ciationframestotwocommercialAPs(PlanetADW-4301andDLINK624+)withspoofedMACaddressoflegitimateclientsandasaresulttheclientsaredisconnectedjustinlessthan2seconds.Thisresultissimilartowhathasbeenshownin[15].4.2.Farewellattacksonmodied802.11networkswithLetter-envelopprotocolInthisexperimentweimplementasimplesystemcon-sistingofoneAP,oneclientandanattacker.WesimulateonelegitimateclientassociatingtotheAPandoneattackertryingtolaunchtheFarewellattack.ThelegitimateclientandtheAPbothareinstalledwiththemodiedAssociationprotocolthatweproposed.WeuseaPCequippedwithawirelesscardtosimulatetheAP.Thefunctionalitiesofthis“AP”areexactlythesameasotheroff-the-shellAPsonthemarket.OurAPisimplementedwithtwodifferentauthen-ticationmechanisms:OpenAuthenticationandSharedKeyAuthentication.WeusethefollowingtoolsandlibraryfortheclientandAP:Madwi-0.9.3.3[8]:thisisanopensourcedevicedriverforwirelesscardsthatuseAtheroschipsetrun-ningonLinuxoperatingsystems.WereprogramthedevicedrivertomakeitworkasankernelmodulefortheclientandAPfollowing802.11standardswithmodiedAssociationprotocoldescribedabove.LibTomMath0.41[6]:thisisaplatform-independentlibraryformanipulatinglargenumbers.WemodifythislibrarysothatitcanbecompiledwithMadwiaspartofourkernelmodulefortheclientandAPrunningonLinuxoperatingsystem.Thecongurationofoursystemisasfollows:OnePC(CPU:IntelCeleron3GHz,RAM:1GB,HDD:80GB)functioningasanAP.OnePC(CPU:IntelCeleron1.73GHz,RAM:512MB,HDD:80GB)functioningasalegitimateclient.ThisclientcontinuouslysendsICMPpingpacketstotheAPtochecktheconnectionwiththeAP.OnePC(CPU:IntelCoreDuo1.6Ghz,RAM:512MB,HDD:80GB)runningCommViewforWiFitolaunchtheFarewellattack.Weconducttheexperimentasfollows.Wecontinu-ouslysenddeauthenticationanddisassociationframeswithspoofedMACaddressoftheclient(totheAP)andoftheAP(totheclient)attherateof10frames/second.IftheAPcandetecttheframetobeaspoofedframe,theywillignoretheframeandwillnotdisconnecttheclient.Otherwiseitwilldisconnecttheclientandclearinformationrelatedtothatclientinthememory.Weusedifferentsizeofprimespandqas64,128,256and512bits.ThecorrespondingvalueofN=pqwouldbe128,256,512and1024bits.Theresultsoftheexperiments(Table2)showthatoursolutioniscompletelyeffectiveagainsttheFarewellattack,noneoftheattacksissuccessful. LengthofN(bits) DefenseagainstFarewellattack AP Client 128 Yes Yes 256 Yes Yes 512 Yes Yes 1024 Yes Yes Table2.ExperimentalresultsWealsoperformmicrobenchmarkingtomeasurethetimeittakesforcommercialhandhelddevices,whichhavehardwarecongurationclosetothatofcommercialaccesspointsandwirelessstations(CPU-200Mhz,RAM-32 Mb),toperformoperationssuchasgeneratingprimes,mul-tiplication,division.Wetest2systemsasfollows:NokiaN80(CPU-220Mhz,RAM-40Mb,OS-Symbianv9.1)andNokiaN70(CPU-220Mhz,RAM-30Mb,OS-Sym-bianv8.1a).Theresultsareasfollows. Operations Time(seconds)for512bitsnumber N80 N70 Generateprimespandq 6.4863 10.8493 N=pq 0.0156 0.0232 N=p 0.0158 0.2760 Table3.MicrobenchmarkingresultsThebenchmarkingresultsindicatethatoursolutioncanbeefcientlyimplementedoncommercialproducts.OuronlyconcernisthetimeittakesfortheAPtogenerateprimesincaseitneedstouseonepairofprimeforeachclient.InthiscasewesuggestthattheAPusepseudoprimes,whicharemuchfastertogenerate.AnotheroptionisthattheAPcanpre-generateanumberofprimesandstoretheminitsdatabase.Onemayarguethattheattackercanalsopre-generatealltheprimesandtrytomatchtheprimesthattheAPgenerates.However,itisshownin[20]thattheprobabilitythatanumberwhichislessthanpisprimeisabout1=ln(p).Ifpisa512-bitnumber,thentherewillbe2512 ln(2512)=2512 512ln(2)�2512 512=2503primes.ThislargenumberofprimesmakesitinfeasiblefortheattackertostorealltheprimesinordertomatchwiththeprimesgeneratedbytheAP.5.ConclusionInthispaperweapplythefactorizationproblemtode-velopLetter-envelopprotocolwhichcanhelp802.11net-worksdefendagainstFarewellattacks.Beingemployedasanextensiontocurrent802.11standards,theprotocolcanbeeasilydeployedtotheexistingsystemsaswellasfuture802.11devices.TheAPsandclientsjustneedtoupgradethermwaretopatchourmodiedprotocol.Theexperimentalresultsshowthatourprotocoliseffec-tiveagainstFarewellattacks.However,thecurrentdevicedriverthatwemodiedonlyworksonwirelessdeviceswithAtheroschipsetrunningonLinux.Ourprotocolwouldbemorewidelyapplicableifotherhardwarevendorsupgradethedriversthatimplementourprotocolfortheirdevices.References[1]Airjack:sourceforge.net/projects/airjack.[2]Airsnarf:airsnarf.shmoo.com.[3]CommView:http://www.tamos.com/products/commwi/.[4]FATA-jack:http://www.wi-foo.com/soft/attack/fata jack.c.[5]KisMAC:binaervarianz.de/projekte.[6]LibTomMath:http://math.libtomcrypt.com/.[7]MACChanger:www.alobbs.com.[8]MadWi:http://madwi.org/.[9]SpoofMAC:www.klcconsulting.net/smac.[10]Void11:www.wlsec.net/void11.[11]WLAN-jack:802.11ninja.net.[12]F.Anjum,S.Das,P.Gopalakrishnan,L.Kant,andB.Kim.SecurityinaninsecureWLANnetwork.InInternationalConferenceonWirelessNetworks,CommunicationsandMobileComputing,pages292–297,Maui,Hawaii,June2005.[13]W.Arbaugh,N.Shankar,Y.Wan,andK.Zhang.Your802.11WirelessNetworkHasNoClothes.IEEEWirelessCommunications,9(6):44–51,December2002.[14]B.Aslam,M.Islam,andS.Khan.802.11DisassociationDoSAttackandItsSolutions:ASurvey.InProceedingsoftheFirstMobileComputingandWirelessCommunicationInternationalConference,pages221–226,Amman,Jordan,September2006.[15]J.BellardoandS.Savage.802.11Denial-of-Serviceattacks:realvulnerabilitiesandpracticalsolutions.InProceedingsofthe12thconferenceonUSENIXSecuritySymposium,pages15–28,Washington,DC,2003.[16]E.D.Cardenas.MACSpoong:Anintroduction.Inwww.giac.org/practical/GSEC.[17]ChibiaoLiu.802.11DisassociationDenialofService(DoS)attacks:www.mnlab.cs.depaul.edu/seminar/spr2005.[18]F.GuoandT.Chiueh.SequenceNumber-BasedMACAddressSpoofDetection.InProceedingsof8thInterna-tionalSymposiumonRecentAdvancesinIntrusionDetec-tion(RAID),Seattle,Washington,September2005.[19]H.Johnson,A.Nilsson,J.Fu,S.Wu,A.Chen,andH.Huang.SOLA:aone-bitidentityauthenticationpro-tocolforaccesscontrolinIEEE802.11.InProceedingsofIEEEGlobalTelecommunicationsConference(GLOBE-COM),Taipei,Taiwan,November2002.[20]K.H.Rosen.ElementaryNumberTheoryandItsApplica-tion,3rdEdition.1993.[21]H.WangandA.Velayutham.Anenhancedone-bitidentityauthenticationprotocolforaccesscontrolinIEEE802.11.InProceedingsofIEEEMilitaryCommunicationsConference(MILCOM),October.[22]E.Wright.DetectingWirelessLANMACAddressSpoong.Inhttp://forskningsnett.uninett.no/wlan/download/wlan-mac-spoof.pdf.[23]H.XiaandJ.Brustoloni.DetectingandBlockingUnau-thorizedAccessinWiNetworks.InProceedingsof3rdConferenceonNetworkingTechnologies,Services,andProtocols;PerformanceofComputerandCommunicationNetworks;MobileandWirelessCommunications,Athen,Greece,May2004.