Current Search: 802.11
-
-
Title
-
ENHANCING MESSAGE PRIVACY IN WIRED EQUIVALENT PRIVACY.
-
Creator
-
Purandare, Darshan, Guha, Ratan, University of Central Florida
-
Abstract / Description
-
The 802.11 standard defines the Wired Equivalent Privacy (WEP) and encapsulation of data frames. It is intended to provide data privacy to the level of a wired network. WEP suffered threat of attacks from hackers owing to certain security shortcomings in the WEP protocol. Lately, many new protocols like WiFi Protected Access (WPA), WPA2, Robust Secure Network (RSN) and 802.11i have come into being, yet their implementation is fairly limited. Despite its shortcomings one cannot undermine the importance of WEP as it still remains the most widely used system and we chose to address certain security issues and propose some modifications to make it more secure. In this thesis we have proposed a modification to the existing WEP protocol to make it more secure. We achieve Message Privacy by ensuring that the encryption is not breached. The idea is to update the shared secret key frequently based on factors like network traffic and number of transmitted frames. We also develop an Initialization Vector (IV) avoidance algorithm that eliminates IV collision problem. The idea is to partition the IV bits among different wireless hosts in a predetermined manner unique to every node. We can use all possible 2^24 different IVs without making them predictable for an attacker. Our proposed algorithm eliminates the IV collision ensuring Message Privacy that further strengthens security of the existing WEP. We show that frequent rekeying thwarts all kinds of cryptanalytic attacks on the WEP.
-
Date Issued
-
2005
-
Identifier
-
CFE0000479, ucf:46371
-
Format
-
Document (PDF)
-
PURL
-
http://purl.flvc.org/ucf/fd/CFE0000479
-
-
Title
-
A NEW FRAMEWORK FOR QOS PROVISIONING IN WIRELESS LANS USING THE P-PERSISTENT MAC PROTOCOL.
-
Creator
-
Anna, Kiran Babu, Bassiouni, Mostafa, University of Central Florida
-
Abstract / Description
-
The support of multimedia traffic over IEEE 802.11 wireless local area networks (WLANs) has recently received considerable attention. This dissertation has proposed a new framework that provides efficient channel access, service differentiation and statistical QoS guarantees in the enhanced distributed channel access (EDCA) protocol of IEEE 802.11e. In the first part of the dissertation, the new framework to provide QoS support in IEEE 802.11e is presented. The framework uses three independent components, namely, a core MAC layer, a scheduler, and an admission control. The core MAC layer concentrates on the channel access mechanism to improve the overall system efficiency. The scheduler provides service differentiation according to the weights assigned to each Access Category (AC). The admission control provides statistical QoS guarantees. The core MAC layer developed in this dissertation employs a P-Persistent based MAC protocol. A weight-based fair scheduler to obtain throughput service differentiation at each node has been used. In wireless LANs (WLANs), the MAC protocol is the main element that determines the efficiency of sharing the limited communication bandwidth of the wireless channel. In the second part of the dissertation, analytical Markov chain models for the P-Persistent 802.11 MAC protocol under unsaturated load conditions with heterogeneous loads are developed. The Markov models provide closed-form formulas for calculating the packet service time, the packet end-to-end delay, and the channel capacity in the unsaturated load conditions. The accuracy of the models has been validated by extensive NS2 simulation tests and the models are shown to give accurate results. In the final part of the dissertation, the admission control mechanism is developed and evaluated. The analytical model for P-Persistent 802.11 is used to develop a measurement-assisted model-based admission control. The proposed admission control mechanism uses delay as an admission criterion. Both distributed and centralized admission control schemes are developed and the performance results show that both schemes perform very efficiently in providing the QoS guarantees. Since the distributed admission scheme control does not have a complete state information of the WLAN, its performance is generally inferior to the centralized admission control scheme. The detailed performance results using the NS2 simulator have demonstrated the effectiveness of the proposed framework. Compared to 802.11e EDCA, the scheduler consistently achieved the desired throughput differentiation and easy tuning. The core MAC layer achieved better delays in terms of channel access, average packet service time and end-to-end delay. It also achieved higher system throughput than EDCA for any given service differentiation ratio. The admission control provided the desired statistical QoS guarantees.
-
Date Issued
-
2010
-
Identifier
-
CFE0003243, ucf:48513
-
Format
-
Document (PDF)
-
PURL
-
http://purl.flvc.org/ucf/fd/CFE0003243
-
-
Title
-
DEVELOPING STRAND SPACE BASED MODELS AND PROVING THE CORRECTNESS OF THE IEEE 802.11I AUTHENTICATION PROTOCOL WITH RESTRICTED SECURITY OBJECTIVES.
-
Creator
-
Furqan, Zeeshan, Guha, Ratan, University of Central Florida
-
Abstract / Description
-
The security objectives enforce the security policy, which defines what is to be protected in a network environment. The violation of these security objectives induces security threats. We introduce an explicit notion of security objectives for a security protocol. This notion should precede the formal verification process. In the absence of such a notion, the security protocol may be proven correct despite the fact that it is not equipped to defend against all potential threats. In order to establish the correctness of security objectives, we present a formal model that provides basis for the formal verification of security protocols. We also develop the modal logic, proof based, and multi-agent approaches using the Strand Space framework. In our modal logic approach, we present the logical constructs to model a protocol's behavior in such a way that the participants can verify different security parameters by looking at their own run of the protocol. In our proof based model, we present a generic set of proofs to establish the correctness of a security protocol. We model the 802.11i protocol into our proof based system and then perform the formal verification of the authentication property. The intruder in our model is imbued with powerful capabilities and repercussions to possible attacks are evaluated. Our analysis proves that the authentication of 802.11i is not compromised in the presented model. We further demonstrate how changes in our model will yield a successful man-in-the-middle attack. Our multi-agent approach includes an explicit notion of multi-agent, which was missing in the Strand Space framework. The limitation of Strand Space framework is the assumption that all the information available to a principal is either supplied initially or is contained in messages received by that principal. However, other important information may also be available to a principal in a security setting, such as a principal may combine information from different roles played by him in a protocol to launch a powerful attack. Our presented approach models the behavior of a distributed system as a multi-agent system. The presented model captures the combined information, the formal model of knowledge, and the belief of agents over time. After building this formal model, we present a formal proof of authentication of the 4-way handshake of the 802.11i protocol.
-
Date Issued
-
2007
-
Identifier
-
CFE0001801, ucf:47380
-
Format
-
Document (PDF)
-
PURL
-
http://purl.flvc.org/ucf/fd/CFE0001801