Exception triggered DoS attacks on wireless networks

Yao Zhao; Sagar Vemuri; Jiazhen Chen; Yan Chen; Hai Zhou; Zhi Fu

doi:10.1109/DSN.2009.5270358

Exception triggered DoS attacks on wireless networks

Yao Zhao^*, Sagar Vemuri, Jiazhen Chen, Yan Chen, Hai Zhou, Zhi Fu

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

7 Scopus citations

Abstract

Security protocols are not as secure as we assumed. In this paper, we identified a practical way to launch DoS attacks on security protocols by triggering exceptions. Through experiments, we show that even the latest strongly authenticated protocols such as PEAP, EAP-TLS and EAP-TTLS are vulnerable to these attacks. Real attacks have been implemented and tested against TLS-based EAP protocols, the major family of security protocols for Wireless LAN, as well as the Return Routability of Mobile IPv6, an emerging lightweight security protocol in new IPv6 infrastructure. DoS attacks on PEAP, one popular TLS-based EAP protocol were performed and tested on a major university's wireless network, and the attacks were highly successful. We further tested the scalability of our attack through a series of ns-2 simulations. Countermeasures for detection of such attacks and improvements of the protocols to overcome these types of DoS attacks are also proposed and verified experimentally.

Original language	English (US)
Title of host publication	Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009
Pages	13-22
Number of pages	10
DOIs	https://doi.org/10.1109/DSN.2009.5270358
State	Published - 2009
Event	2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009 - Lisbon, Portugal Duration: Jun 29 2009 → Jul 2 2009

Publication series

Name	Proceedings of the International Conference on Dependable Systems and Networks

Other

Other	2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009
Country/Territory	Portugal
City	Lisbon
Period	6/29/09 → 7/2/09

ASJC Scopus subject areas

Software
Hardware and Architecture
Computer Networks and Communications

Access to Document

10.1109/DSN.2009.5270358

Cite this

Zhao, Y., Vemuri, S., Chen, J., Chen, Y., Zhou, H., & Fu, Z. (2009). Exception triggered DoS attacks on wireless networks. In Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009 (pp. 13-22). [5270358] (Proceedings of the International Conference on Dependable Systems and Networks). https://doi.org/10.1109/DSN.2009.5270358

@inproceedings{a636a5589cf84a2aaa1f2e412829f810,

title = "Exception triggered DoS attacks on wireless networks",

abstract = "Security protocols are not as secure as we assumed. In this paper, we identified a practical way to launch DoS attacks on security protocols by triggering exceptions. Through experiments, we show that even the latest strongly authenticated protocols such as PEAP, EAP-TLS and EAP-TTLS are vulnerable to these attacks. Real attacks have been implemented and tested against TLS-based EAP protocols, the major family of security protocols for Wireless LAN, as well as the Return Routability of Mobile IPv6, an emerging lightweight security protocol in new IPv6 infrastructure. DoS attacks on PEAP, one popular TLS-based EAP protocol were performed and tested on a major university's wireless network, and the attacks were highly successful. We further tested the scalability of our attack through a series of ns-2 simulations. Countermeasures for detection of such attacks and improvements of the protocols to overcome these types of DoS attacks are also proposed and verified experimentally.",

author = "Yao Zhao and Sagar Vemuri and Jiazhen Chen and Yan Chen and Hai Zhou and Zhi Fu",

year = "2009",

doi = "10.1109/DSN.2009.5270358",

language = "English (US)",

isbn = "9781424444212",

series = "Proceedings of the International Conference on Dependable Systems and Networks",

pages = "13--22",

booktitle = "Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009",

note = "2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009 ; Conference date: 29-06-2009 Through 02-07-2009",

}

Zhao, Y, Vemuri, S, Chen, J, Chen, Y , Zhou, H & Fu, Z 2009, Exception triggered DoS attacks on wireless networks. in Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009., 5270358, Proceedings of the International Conference on Dependable Systems and Networks, pp. 13-22, 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009, Lisbon, Portugal, 6/29/09. https://doi.org/10.1109/DSN.2009.5270358

Exception triggered DoS attacks on wireless networks. / Zhao, Yao; Vemuri, Sagar; Chen, Jiazhen et al.
Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009. 2009. p. 13-22 5270358 (Proceedings of the International Conference on Dependable Systems and Networks).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Exception triggered DoS attacks on wireless networks

AU - Zhao, Yao

AU - Vemuri, Sagar

AU - Chen, Jiazhen

AU - Chen, Yan

AU - Zhou, Hai

AU - Fu, Zhi

PY - 2009

Y1 - 2009

N2 - Security protocols are not as secure as we assumed. In this paper, we identified a practical way to launch DoS attacks on security protocols by triggering exceptions. Through experiments, we show that even the latest strongly authenticated protocols such as PEAP, EAP-TLS and EAP-TTLS are vulnerable to these attacks. Real attacks have been implemented and tested against TLS-based EAP protocols, the major family of security protocols for Wireless LAN, as well as the Return Routability of Mobile IPv6, an emerging lightweight security protocol in new IPv6 infrastructure. DoS attacks on PEAP, one popular TLS-based EAP protocol were performed and tested on a major university's wireless network, and the attacks were highly successful. We further tested the scalability of our attack through a series of ns-2 simulations. Countermeasures for detection of such attacks and improvements of the protocols to overcome these types of DoS attacks are also proposed and verified experimentally.

AB - Security protocols are not as secure as we assumed. In this paper, we identified a practical way to launch DoS attacks on security protocols by triggering exceptions. Through experiments, we show that even the latest strongly authenticated protocols such as PEAP, EAP-TLS and EAP-TTLS are vulnerable to these attacks. Real attacks have been implemented and tested against TLS-based EAP protocols, the major family of security protocols for Wireless LAN, as well as the Return Routability of Mobile IPv6, an emerging lightweight security protocol in new IPv6 infrastructure. DoS attacks on PEAP, one popular TLS-based EAP protocol were performed and tested on a major university's wireless network, and the attacks were highly successful. We further tested the scalability of our attack through a series of ns-2 simulations. Countermeasures for detection of such attacks and improvements of the protocols to overcome these types of DoS attacks are also proposed and verified experimentally.

UR - http://www.scopus.com/inward/record.url?scp=70449878083&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=70449878083&partnerID=8YFLogxK

U2 - 10.1109/DSN.2009.5270358

DO - 10.1109/DSN.2009.5270358

M3 - Conference contribution

AN - SCOPUS:70449878083

SN - 9781424444212

T3 - Proceedings of the International Conference on Dependable Systems and Networks

SP - 13

EP - 22

BT - Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009

T2 - 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009

Y2 - 29 June 2009 through 2 July 2009

ER -

Exception triggered DoS attacks on wireless networks

Abstract

Publication series

Other

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this