Prevention of Spoofing Attacks in the Infrastructure Wireless Networks

Abstract

Problem statement: Spoofing Attack is one of the vulnerabilities in the wireless networks, which is a situation in which the intruder successfully masquerades as legal one. Spoofing Attacks will decrease the performance of the network and violate many security issues. In the networks that use MAC address based filtering approach to authenticate the clients, the spoofer just needs to get a valid MAC address that belong to some authorized client in the network in order to gain an illegitimate advantage. Approach: In this article, it has proposed an algorithm that uses an additional authentication process beside MAC address filtering and periodically re-authenticates the client after sending every specific number of Data frames. The proposed additional authentication process is based on two parts. First: Using unique information that belongs to every client in the network such as computer name, CPU ID and the current time as inputs to a hash function (one-way function), then insert the hash value in the slack fields of the header of the frame (Steganography). Second: Make a modification to the access point access control list by adding that unique information belong to each client in addition to its MAC address in the access control list. Thus, when the AP receives an Authentication frame from a client, it will first check the MAC address, if it is legal; the AP will re-compute the Hash value depending on the corresponding identifiers stored in the access control list and the time of creating the frame, then compare the resulted hash value with the received one and decide whether to reject or accept the access. Results: The results has been found is that even the attacker is spoofed the MAC address; he/she cannot communicate with the network because the attacker will fail in computing the hash value that depends on the Computer name and CPU ID. Also the attacker will be prevented even if he/she enters the network after the legal client finished the authentication process successfully because the attacker will fail in the reauthentication process. Conclusion: It has been used Optimized Network Engineering Tool (OPNET) Modeler simulator as implementation tool to evaluate the proposed algorithms. we found out that the proposed additional procedures of adding another unique identifier by using the Hash function is useful to satisfy one of the basic objectives of security which is the authentication. The periodic re-authentication process makes additional support to this authentication need, so the MAC address spoofer will be detected and then prevented.