Abstract
This paper aims at analyzing the security issues that lie in the application layer (AL) protocols when users connect to the Internet via a wireless local area network (WLAN) through an access point. When adversaries launch deauthentication flood attacks cutting users’ connection, the connection managers will automatically research the last access point’s extended service set identifier (ESSID) and then re-establish connection. However, such re-connection can lead the users to a fake access point with the same ESSID set by attackers. As the attackers hide behind users’ access points, they can pass AL’s authentication and security schemes, e.g. secure socket layer (SSL). We have proved that they can even spy on users’ account details, passwords, data and privacy.
Similar content being viewed by others
References
Nessus. Tenable passive vulnerability scanner [EB/OL]. (2011-2-9). http://www.nessus.org/products/tenable-passive-vulnerability-scanner.
Gorden A L, Loeb P M, Lucyshyn M, et al. Computer crime and security survey [R]. USA: CSI/FBI, 2006.
NIST SP800-48, Wireless network security: 802.11, bluetooth, and handheld devices [S].
GAO. Information security: Federal agencies need to improve controls over wireless networks [R]. USA: Government Accountability Office, 2005.
Shieh Shiuh-pyng. Security and privacy on wireless networks [J]. Science Monthly, 2005, 36(2): 444–447 (in Chinese).
Walker J. 802.11, security series part III: AES-based encapsulations of 802.11 data [EB/OL]. (2011-2-27). http://jcbserver.uwaterloo.ca/cs436/nandouts/miscellaneous/IntelWireless 3.pdf.
Cam-Winget C, Housley R, Wagner D, et al. Security flaws in 802.11 data link protocols [J]. Communications of the ACM, 2003, 46(5): 35–39.
Baek K H, Smith S W, Kotz D. A survey of WPA and 802.11i RSN authentication protocols [R]. USA: Dartmouth College Computer Science, 2004.
Chou Hung-Lin. Analysis of WPA security [EB/OL]. (2011-3-5). http://lee-1.com/hlchou/WLANWPA.html.
Wi-Fi Alliance. Wi-Fi is everywhere [EB/OL]. (2011-4-10). http://www.wifialliance.org/OpenSection/pdf/WPANI2003-Pres.pdf.
Takahashi T. WPA passive dictionary attack overview (white paper) [R]. USA: Georgia Tech Information Security Center, 2004.
Wireless NewsFactor. Wireless ’smart glass’ knows when you need a drink [EB/OL]. (2011-3-14). http://www.wirelessnewsfactor.com/perl/story/17133.html.
WNN Wi-Fi Net. Weakness in passphrase choice in WPA interface [EB/OL]. (2011-1-18). http://wifinetnews.com/archives/002452.html.
NIST. National vulnerability database [EB/OL]. (2011-1-14). http://nvd.nist.gov.
Cisco Security Advisory. Multiple vulnerabilities in the Cisco wireless LAN controller and Cisco lightweight access points [EB/OL]. (2011-5-2). http://www.cisco.com/warp/public/707/cisco-sa-20070412-wlc.shtml.
AusCert. AA-2004.02-Denial of service vulnerability in IEEE 802.11 wireless devices [EB/OL]. (2011-4-23). http://www.auscert.org.au.
Remote-Exploit org. Hotspotter-automatic wireless client penetration [EB/OL]. (2011-2-15). http://www.remote-exploit.org/codeshotspotter.html.
Taiwan Computer Emergency Response Team/Coordination Center (TWCERT/CC). White paper on 802.11wireless network security [EB/OL]. (2011-3-20). http://www.cert.org.tw/document/docfile/Wireless_Security.pdf (in Chinese).
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: the National Science Council (No. NSC-99-2219-E-033-001), and the Foundation of the Chung Yuan Christian University (1004) (No. CYCUEECS. 9801)
Rights and permissions
About this article
Cite this article
Yang, Mh. Security analysis of application layer protocols on wireless local area networks. J. Shanghai Jiaotong Univ. (Sci.) 16, 586–592 (2011). https://doi.org/10.1007/s12204-011-1193-5
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12204-011-1193-5