A Novel Algorithm to detect Replay Attack in WLANs

Abstract

Nowadays, security of wireless local area networks (WLANs) is the biggest concern for many organizations. Protecting wireless networks from unauthorized users is a major concern to be addressed. The broadcasting nature of the wireless networks makes it vulnerable to carry different types of attacks. Main wireless threats are man in the middle attack, eavesdropping, evil twin attack and replay attack etc. In this paper Replay Attack threat is highlighted. An attacker can use many different tools available freely on the internet to carry this type of attack. We propose a methodology to detect the Replay attack. In this paper a variant of replay attack called address resolution replay attack is discussed. To carry this attack Ettercap tool is used. In this type of attack, attacker floods the wireless network with ARP traffic. So the performance of the wireless network degrades. To detect ARP request/replay attack our proposed method uses protocol field and nature of frame field. A Replay attack in which all the traffic captured and replayed is also discussed. To detect this type of attack, main parameters which are considered are the number of retransmitted packets, number of duplicate ACK and number of TCP spurious retransmitted packet.