Abstract
Problem statement: Spoofing Attack is one of the vulnerabilities in th e wireless networks, which is a situation in which the intruder successf ully masquerades as legal one. Spoofing Attacks wil l decrease the performance of the network and violate many security issues. In the networks that use MAC address based filtering approach to authenticat e the clients, the spoofer just needs to get a vali d MAC address that belong to some authorized client i n the network in order to gain an illegitimate advantage. Approach: In this article, it has proposed an algorithm that uses an additional authentication process beside MAC address filtering and periodically re-authenticates the client after sending every specific number of Data frames. The p roposed additional authentication process is based on two parts. First: Using unique information that belongs to every client in the network such as computer name, CPU ID and the current time as inputs to a hash function (one-way function), then insert the hash value in the slack fields of the he ader of the frame (Steganography). Second: Make a modification to the access point access control lis t by adding that unique information belong to each client in addition to its MAC address in the access control list. Thus, when the AP receives an Authentication frame from a client, it will first c heck the MAC address, if it is legal; the AP will r e- compute the Hash value depending on the corresponding identifiers stored in the access control list an d the time of creating the frame, then compare the re sulted hash value with the received one and decide whether to reject or accept the access. Results: The results has been found is that even the attacke r is spoofed the MAC address; he/she cannot communicate with the network because the attacker will fail in computing the hash value that depends on the Computer name and CPU ID. Also the attacker will be prevented even if he/she enters the network afte r the legal client finished the authentication proc ess successfully because the attacker will fail in the reauthentication process. Conclusion: It has been used Optimized Network Engineering Tool (OPNET) Modeler simulator as implementation tool to evaluate the proposed algorithms. we found out that the prop osed additional procedures of adding another unique identifier by using the Hash function is use ful to satisfy one of the basic objectives of secur ity which is the authentication. The periodic re-authen tication process makes additional support to this authentication need, so the MAC address spoofer wil l be detected and then prevented.
Highlights
Wireless Networks is one of the most important improvements in Networking since it uses radio signals instead of cables that connect individual devices (Ross, 2008) and this wireless connectivity offers to end users an easy access to the network and its resources
We depend on the principle of Hash function to get a value considered like a fingerprint to every terminal in the network and its inputs are Computer name, CPUid (CPU MAC address) and the creation time of the frame. (So that, at every second there will be a different hash value, making the attacker gets no benefit from stealing this hash)
We present the format of both frame types and the description for some fields that involved in the proposed algorithms
Summary
Wireless Networks is one of the most important improvements in Networking since it uses radio signals instead of cables that connect individual devices (Ross, 2008) and this wireless connectivity offers to end users an easy access to the network and its resources. 5- Put the hash value in the Challenge text field 6- Send this Authentication frame to the AP 7- Make the Data Counter within the Station equal to zero
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
