| With the rapid development of mobile Internet in recent years, the application of Wireless Local Area Network(WLAN) has gained great popularity. But because of the characteristic of open medium and the defect of protocol, WLAN is always threatened by various security issues,in which Denial of Service(DoS) attack is a serious one.Based on the analysis of the characteristics of DoS attacks in WLAN, a detection method based on finite state machine is proposed. By building state transition model for the connection status changes between client and access point through the WLAN security protocol execution process, we define sequential shift as the expected behavior and negative shift, positive shift, zero shift and unexpected frames as anomaly behavior. By comparing the number of anomly behavior with a threshold, we can determine whether there is a DoS attack or not. In order to adapt detection method to the change of network environment, an adaptive threshold adjustment algorithm is proposed. For authentication request, association request and deauthentication, disassociation which are two types of common DoS attacks in WLAN, we separately propose a prevention scheme based on broadcast client puzzle mechanism and a prevention scheme based on discrete logarithm problem and analyze the security and performance of the prevention schemes.By adding a pre-processing plugin in open source intrusion detection system snort-wireless, we implement the detection method. After testing it shows that the proposed detection method has a good ability of detecting DoS attacks. By modifying the open source driver program of wireless network card, we embed the prevention parameters inside existing frame structure and implement the two schemes. After test comparing with the existing protocol, it indicates that the proposed schemes can successfully defend the DoS attacks in the experiment. |
PDF Full Text Request