• Journal of Digital Convergence
• /
• v.11 no.12
• /
• pp.453-458
• /
• 2013

In a wireless LAN environment, security is the most important. Security of 802.11 standard has many vulnerabilities of the network attack. IEEE has created mechanisms to security for this vulnerability. But the vulnerabilities is characteristic of broadcast in the air in wireless LAN, it is more disclosure then other network environments. In a wireless LAN environment, it can be accessed to the wireless LAN after authentication. Authentication process is one of most important because of the first security step. However, in the authentication process is not mentioned in the method of reducing the disclosure maximum fundamental. Therefore, in this research, the vulnerability of 802.11 are presented and how to do de-authentication in 802.11.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.8
• /
• pp.1768-1773
• /
• 2005

The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS, the session hijacking and the Man in the Middle attack due to the absence of AP authentication. In this paper, we propose a WLAN secure system which can offer a robust secure communication and a user authentications with the IEEE 802.1x framework. The user authentication on the WLAN secure system accomplishes mutual authentications between authentication severs, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by doing secure communication between clients and the AP by the Dynamic WEP key distribution.

• Proceedings of the Korean Information Science Society Conference
• /
• 2003.04a
• /
• pp.371-373
• /
• 2003

최근에 공공장소에서의 보다 안정적이고 고속의 무선 인터넷 접속에 대한 욕구가 커지면서 무선랜에 대한 수요가 많아지고 있고, 유무선 사업자들은 무선랜 시장을 선점하기 위해서 서비스를 서두르고 있다. 이와 같은 무선랜환경에서 안전하게 사용자를 인증하고 서비스를 제공하기 위한 표준으로 802.laa와 802.11i가 있다. 이와 같은 802.laa와 802.11i를 지원하는 액세스포인트를 위해서는 두 표준을 지원할 수 있는 라디우스 클라이언트가 필요하다. 본 논문에서는 위의 액세스포인트가 라디우스 프로토콜을 사용하여 무선단말 사용자를 인증시켜 주고 WEP(Wired Equivalent Privacy)을 위한 키를 교환할 수 있는 라디우스 클라이언트를 설계하고 구현하였다.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1983-1989
• /
• 2012

The IEEE 802.1x standard provides an architectural framework which can be used various authentication methods. But, IEEE 802.1x also has vulnerabilities about the DoS(Denial of Service), the session hijacking and the MiM(Man in the Middle) attack due to caused by structural of authentication protocol. In this paper, we propose a WLAN system which can offer safety communication by complement of IEEE 802.1x vulnerabilities. The WLAN system accomplishes mutual authentications between authentication servers, clients and the AP using PKI and prevents an illegal user from intervening in communication to disguise oneself as a client, the AP or authentication servers. Also, we guarantee the safety of the communication by the Dynamic WEP key distribution between clients and the AP.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2011.04a
• /
• pp.844-847
• /
• 2011

Wireless mesh network (WMN) is a type of mobile ad-hoc network consists of wireless router, mobile clients and gateway which connects the network with the Internet. To provide security in the network it is required to encrypt the message sent among the communicating nodes in such way so that only legitimate user can retrieve the original data. Several security mechanisms have been proposed so far to enhance the security of WMN. However, there still exists a need for a comprehensive mechanism to prevent attacks in data communication. Considering the characteristic of mesh network, in this paper we proposed a public key cryptography based security architecture to establish a secure key agreement among communicating nodes in mesh network. The proposed security architecture consists of two major sections: client data protection and network data protection. Client data protection deals with the mutual authentication between the client and the access router and provide client to access router encryption for data confidentiality using standard IEEE 802.11i protocol. On the other hand, network data protection ensures encrypted routing and data transfer in the multi hop backbone network. For the network data protection, we used the pre-distributed public key to form a secure backbone infrastructure.

• The KIPS Transactions:PartC
• /
• v.11C no.2
• /
• pp.219-228
• /
• 2004

Wireless LAN(wireless Local Area Network) is constructed network environment by radio in indoors or outdoors environment and that to use electric wave or light instead of wire to client such as PC(Personal Computer), notebook, PDA in hub(Hub) in technological side. Now, among IEEE 802.11 WG(Working Group), there is TGf(Task Group F) that develop standard protocol between AP's(Access Point). In this group, proposed IAPP(Inter Access Point Protocol) to secure interoperability between AP producing in different manufacturer, this offers seamless connectivity between STA by sharing Security Context information or Layer 2 forwarding information between AP without passing through re-authentication process when STAs(Station) move by protocol to secure mobility between AP that differ in equal serve network. In this paper, I wish to suggest method that change avenue of communication of message to block information leakage that can occur at security message or WEP Key transmission between above AP, and uses public key to offer wireless area security little more.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.28 no.12C
• /
• pp.1258-1267
• /
• 2003

As the need for stable and high speed wireless Internet service Brows, the wireless LAN service provider hurries to preempt wireless LAN service market. IAPP(InterAccess Point protocol) is defined to be able to provide a secure handoff mechanism of wireless LAN terminal information between AP(Access Point)s, and the related IEEE standard is IEEE 802.11f. For the secure handoff of wireless LAN terminal, it is necessary to transfer terminal's authentication & accounting information securely from old AP to new AP IEEE 802.11f recommends RADIUS server as IAPP server which authenticates AP and provides information for secure channel between APs. This paper proposes IAPP server using Diameter protocol to overcome the limit of RADIUS sewer, and describes about the interaction between server components and integration method with the current IAPP client system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.3
• /
• pp.57-66
• /
• 2011

The current trend of the handover authentication delay time is gradually increased according to the interworking between 3G cellular network and WLANs. Therefore, authentication mechanism minimized in delay is required to perform the seamless handover and support the inter-subnet and inter-domain handover. In this paper, we propose a novel pre-authentication scheme based on the fast channel switching which directly performs the authentication with the next access point in advance. In addition, the proposed scheme is efficient in the inter-domain handover and can be easily implemented in current WLANs since it just modifies the client side of user. To analysis and evaluate our scheme, we compare the packet loss ratio and the delay time with the two standard 802.11 authentication schemes. The analytical results show that our scheme is approximate 10 times more effective than the standard schemes in packet loss and the delay time is minimized down to 0.16 msec.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.211-217
• /
• 2008

Recently, there are many efforts to support seamless mobility in 802.11 WLANs using IP Layer mobility protocols. The IP layer mobility protocols are the most efficient mechanism to guarantee the service session continuity when IP subnet is changed during handover. Even if the IP layer mobility protocols are quite efficient, the feature of the protocols that had been designed to consider only L3 layer makes it difficult to improve the performance of hand over more and more. Nowadays, to overcome this limitation of IP mobility protocols, many researchers have worked on the mobility protocols integration of different layers (e.g., L2 layer). In this paper, we propose the enhanced Proxy MIPv4 to minimize the latency of handover using MIH protocol in 802.11 WLANs. The proposed mechanism minimizes the latency of authentication by exchanging security keys between Access Routers during handover. Moreover, it also minimizes packet losses by Inter-AP Tunneling and data forwarding.

• Journal of Internet Computing and Services
• /
• v.9 no.4
• /
• pp.85-96
• /
• 2008

An authentication procedure on wired and wireless network will be done based on the registration and management process storing both the user's IP address and client device's MAC address information. However, existent MAC address registration/administration mechanisms were weak in MAC Spoofing attack as the attacker can change his/her own MAC address to client's MAC address. Therefore, an advanced mechanism should be proposed to protect the MAC address spoofing attack. But, existing techniques sequentially compare a sequence number on packet with previous one to distinguish the alteration and modification of MAC address. However, they are not sufficient to actively detect and protect the wireless MAC spoofing attack. In this paper, both AirSensor and AP are used in wireless network for collecting the MAC address on wireless packets. And then proposed module is used for detecting and protecting MAC spoofing attack in real time based on MAC Address Lookup table. The proposed mechanism provides enhanced detection/protection performance and it also provides a real time correspondence mechanism on wireless MAC spoofing attack with minimum delay.