Accession Number:

ADA422361

Title:

Session Hijacking Attacks in Wireless Local Area Networks

Descriptive Note:

Master' thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2004-03-01

Pagination or Media Count:

151.0

Abstract:

Wireless Local Area Network WLAN technologies are becoming widely used since they provide more flexibility and availability, Unfortunately, it is possible for WLANs to be implemented with security flaws which are not addressed in the original 802.11 specification, IEEE formed a working group TGi to provide a complete solution code named 802.11i standard to all the security problems of the WLANs, The group proposed using 802.1X as an interim solution to the deficiencies in WLAN authentication and key management, The full 802. 11i standard is expected to be finalized by the end of 2004, Although 802.1X provides a better authentication scheme than the original 802.11 security solution, it is still vulnerable to denial-of-service, session hijacking, and man-in- the-middle attacks, Using an open-source 802.lx test-bed, this thesis evaluates various session hijacking mechanisms through experimentation, The main conclusion is that the risk of session hijacking attack is significantly reduced with the new security standard 802.11i however, the new standard will not resolve all of the problems, An attempt to launch a session hijacking attack against the new security standard will not succeed, although it will result in a denial-of-service attack against the user,

Subject Categories:

  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE