| Wireless local area network has obtained rapid development because of itsadvantages, and more and more users began using wireless devices to access to theInternet. However, the limitations of wireless local area network lead to more serioussafety problems compared with the wired network. The IEEE802.11i protocol has littleconsiderationin about the effectiveness of protocol, especially in the accession andauthentication of WLAN. The openness of the wireless local area network and thelimitation in resources make the wireless access point AP be vulnerable to the denial ofservice attack, and AP will be the preferred target for DoS attackers. In order to solvethe problems above,we research on the technologys and methods to anti-DoS inWLAN accession and authentication.In this thesis,we mainly focus on request and authentication request flood DoSattacks. A beacon and extracting square roots based DoS-resistant scheme of IEEE802.11i wireless authentication protocol is proposed to improve the DoS-resistantability of IEEE802.11i wireless networks. The feature of our method is using beaconframe to distribute the parameters of cryptographic puzzle on the basis of extractingsquare roots, and using MAC address to increase the difference between solutions. Bylistening on the wireless channels to get the AP’s beacon frame, users construct apuzzle with the seed in the beacon frame and solve it by brute-force computation. Thesolution which is sent by authentication request is composed of the answers to thepuzzle and other parameters of the puzzle. Whether providing the association to astation depends on the verification of puzzle by AP. This method keeps a good resourcebalance between the AP and stations, reduces the affection of resource depletion attackand the potential resource-exhausting in traditional client puzzle scheme.Although wireless devices now have good computational ability, but in solvingthe resource consumption puzzle, it still need to consume a lot of computing resource,also a certain amount of time to solve the puzzle. Especially, when accessing to thewireless network, the wireless devices with different computational power have to dothe same amount of computation. Aiming at this problem, combined with the RFIDlabel features, we design a method in which RFID tags to solve puzzle for every user’saccession in each request, the scheme can solves the problems brought by thelimitation of the different calculation ability in different equipment. Also, the passivetags can get energy from the radiation of device in access, so it can solve the problem of power supply. |
PDF Full Text Request