Redundancy handoff concept Detection and mitigation reliability of wireless 802.

11
Sigit wibawa
Universitas Mercu Buana, Indonesia
Email: sigitwibawa@ieee.org

Abstract device or mobile station (MS) is called a receiver, it wants

Over the past 20 years, the IEEE 802.11 standard has been
highly developed, both in terms of functional and
performance. However, security is still a major concern,
especially for WLANs that are generally used. This paper
describes various taxonomies of standard Wi-Fi,
terminology in wireless networks and the main challenges
in wireless networks, namely de-authentication [1] [2] [3]
[4] [5] [6] [7]. At present and future mitigation lies in the
reliability of a system and the right solution to overcome
this problem is needed to answer this challenge we offer a
concept and propose an approach to securing WLAN by
utilizing system reliability formulas using the Reliability
Block Diagram (RBD) configured redundant to identify
attacks, reactive and proactive defense strategies. We
utilize information from Physical Layer (PHY) and
Medium Access Control (MAC) Layer [9]. Our evaluation
shows that the proposed solution successfully identifies
and remains the system to survive the attack.
Key word: WLAN, standard IEEE, de-authentication,
Redundant, Reliability
to be connected to Access Point (AP) in this case as a
transmitter, either after power up, sleep mode, or shortly
after entering the area within the reach of a new AP, the
device must first find the nearest AP, then choose one to
connect to the AP, to find out if there is an AP available
in the region, an MS who wants to connect with the AP
can passively listen to the Beacon Frames broadcast by
AP, this is called passive scanning or then send the frame
Probe Request and wait for the response from the AP
Probe and this called active scanning, after which MS
determines which AP the best according to the selection
criteria used, then Authentication will be carried out. This
process is the exchange of information between AP and
MS, where each party has proven the authentication key
that becomes a secret together later when this wireless
device is confirmed, it will begin the Association process
(Association), which is the exchange of MS and AP
information, only after this association process is
completed is the wireless device capable of sending and
receiving data frames. This process is shown in Figure 2.1

I. Introduction

In recent years Wireless technology has grown

"massively" and especially in the last decade the internet
has made a huge leap of almost all devices trying to be
connected with wireless technology. In the local area
wireless network (WLAN) we can connect to the Internet
without using a cable with only an Ethernet wireless
device which is a Network Interface Card that functions
to communicate between devices we can communicate
easily and with simple infrastructure. Now almost Figure 2.1. Process Association in IEEE 802.11
everyone in the world has wireless home networking
III. IEEE Standard Wireless Network
facilities and security technology also drastically
increases the creation of more and safer networks, as well In 1999, IEEE (Institute of Electrical and Electronics
as "hackers" also expanding their knowledge and adding Engineers) released 802.11 for Wi-Fi and used 2.4 GHz
their skills to disrupt networks or systems [7]. Frequency with a maximum data speed of 1-2 Mbps. Then
2 new discoveries were released in 2008, 802.11a and
II. Principle of Wireless Networks
802.11b standards. [7]
2.1 Wireless Network
802.11a runs at 5GHz frequency and 54Mbps speed and
Basically the wireless network serves to connect at least 802.11 b standard speeds up to 11 Mbps at 2.4 GHz
two devices to communicate with each other in certain frequency.
areas with the transmission media using radio frequency
(RF) with a certain frequency. When a mobile wireless
But these two inventions could not communicate with
each other, this limitation gave birth to a new 802.11g
standard that supports speeds of up to 54 Mbps and is
compatible in communicating with 802.11 standards b,
There are other standards that are now used by the wider
community, namely:
1. 802.11n - This standard basically improves the 802.11
standard [3] by adding new MIMO (Multiple Input
Multiple Output) technology. This standard operates on
both the 2.4 GHz and 5GHz frequency bands. This was
launched this month in October 2009.
2. 802.11ac - This standard was launched that year in
December 2013. If we compare this standard of 802.11n
and 802.11ac standards then 802.11ac is a better standard
because of its speed up to 300 Mbps, in theory the
frequency width can reach 160 MHz in addition also
introduced features enhancements from MIMO called
MU-MIMO or Multi User MIMO.
IV. Terminology used in wireless networks
The basic terminology used in Wireless networks is as
follows:
1. Service Set Identification (SSID) is the name of a
wireless network that must exist and is very important to
be able to connect and join a network, the first time we do
a network configuration we will be asked to specify the
network name or SSID to be used.
2. The Basic Service Set Identifier (BSSID) has the
understanding that in an infrastructure topology there is at
least one AP that acts as a transmitter, there is an address
called the MAC Address, which is a mutually agreed upon
identity owned by a wireless device, from this address we
coordinate and synchronize forwarding and broadcasting
data packets, this function is almost the same as bridge
technology in wired network methods.
3. Extended Service Set Identification (ESSID) in a large
network, an AP is not enough to serve all clients, let alone
the network is in a separate area, the AP signal will not
reach because it is used by several APs. Each AP is
arranged in a different channel to avoid interference, so
that it forms a network such as a cellular network, each
client or user can do handoff or roaming easily without
losing service signals, in other words it can function to
forward from a radio cell to a cell other via a cable
network. The combination of AP and cable network will
form the so-called Distributed System (DS) as shown in
Figure 4.1
Figure 4.1 Handoff process on Extended Service Set
with Distributed System
4. The Channel IEEE 802.11 standard has defined
different frequency ranges and bandwidths such as 2.4
GHz, 5 GHz, and so on. Each of these ranges is further
divided into several channels. Each country has its own
rules and channels as shown in Figure 4.2
Figure 4.2 channel and frequency of IEEE 802.11
standards
When we consider the illustration of the use of the 2.4
GHz frequency by the 14 channels, such as overlapping,
this causes interference problems that will cause damage
to the data sent and received, so that a good channel usage
strategy is needed, we must choose channels that do not
interfere with each other so that data and performance can
be optimal.
5. Management frames in the IEEE 802.11 standard there
is a rule in which there are general provisions, namely:
• Frame Authentication
• Frame De-authentication
• Frame Association
• Frame Association Request
• Frame Association Response
• Frame Reassociation Response
• Frame Disassociation
• Frame Beacon
• Frame Probe Request
• Frame Probe Response
6. Reliability Block Diagram (RBD) Redundant
configuration, Reliability Block Diagram (RBD) which is
configured as Redundant is a method that measures the
reliability of a complex system and has a redundant
configuration (has a backup component that functions the
same as the system element) [21].
RBD with Redundant configuration is the ability of a
system to function normally even though there are
elements that are not functioning. This is usually achieved
by having backup components that function the same as
system elements [22].
Redundant is the same as k out of n system where a system
n component works well if and only if at least k of n
components works well. Redundant is used in continuous
equipment / machine conditions and is required to have a
backup system with an IID machine (Identic independent
distribution), the number of machines working follows the
binomial distribution with parameters n and p. The
reliability of the system is the same as the probability that
the number of working machines is greater than or equal
to k [22]:
………………. (1)
information:
n: Number of APs in the system.
i: The minimum number of APs that must function for out
of the system.
p: Reliability of AP when all iid machines.
Q: Not machine reliability when all iid machines, q = 1-p.
Equation (1) is an explicit formula that can be used to
evaluate reliability of out of system. From the equation for
system reliability given above. In this study Redundant
with the number of machines working follows a binomial
distribution with the parameters n = 5, k = 4 and p is the
average RBD value of 5 AP.
The approach to a system reliability is often modeled
using a network (network) where the components of a
system are connected in a series, parallel relationship
pattern, and a series and parallel combination of this
approach we apply that each attack or interference is
analogous to a system failure so it needs there is a concept
of a network model that is capable and reliable for
managing attacks so that the reliability model is applied
as illustrated in Figure 3.3
Figure 4.3. Serial and Parallel standby redundancy
V. The main challenge at this time
For simulation and testing for resistance and interference,
the ESP8266 IOT Module [17], [18], [19], [20] is used,
which is a complete chip which includes processor,
memory and also access to GPIO. This causes ESP8266
to directly replace Arduino and added to its ability to
support wi-fi connections directly. ESP8266 is a wi-fi
module that functions as a wireless microcontroller
support device and makes TCP / IP connections. This
module uses approximately 3.3 Volts with three wi-fi
modes, namely Station, Access Points and Both. This
module is also equipped with a processor, memory and
GPIO to carry out this microcontroller attack simulation
can be relied upon, ESP8266 module based on Ethernet
and wireless there are several types that can be found on
the market but actually have the same function the
difference lies only in the GPIO pin provided.
Figure 5.1 some types of ESP8266
small size, this board is equipped with wireless features
and the firmware is open source. In ESP8266 important
specifications found on this board are [17], [18], [19],
[20]:
▪ ESP8266 Serial Wi-Fi SoC (single on Chip),
onboard USB to TTL
▪ Support Wireless IEEE 802.11b/g/n
▪ 9 GPIO (3 pin PWM, 1 x ADC Channel, and pin
RX TX) Wi-Fi Direct (P2P / Point-to-Point),
Soft-AP / Access Point TCP/IP Protocol, support
WEP, TKIP, AES, and WAPI, Integrated CPU
32-bit
Figure 5.2 Block diagram and ESP8266 module used
To run certain functions a module such as ESP8266
requires a programming language to run, it requires
development tool programs such as Arduino IDE
(Integrated Development Environment) which is software
that can be used by designers to perform various processes
related to programming microcontroller modules such as
Arduino including modules ESP8266, this IDE already
supports various operating systems such as Windows,
Linux and others.
a) Three intervening gaps in the management frame
In the de-authentication frame, the Frame Beacon and
Probe Request frames [9] are generally considered to be
management frames in the 802.11 standard [7], [9] this
can be used to decide the Station or client with AP. We
use the ESP8266 module which is equipped with a
program to send an 'attack' and is able to disconnect
communication without having to enter the network.
b) How is work?
The frame management was asked to decide the
communication between the station and AP. Frame
management is unencrypted and unauthenticated so that
this request process is immediately carried out to
disconnect the receiving station with AP, then it is made
to cancel the secure connection between the AP and the
receiving station. We will show a practical session with
the following explanations:
First step: connect with ESP8266 module
After the SSID module is detected and prompted for a
password, we will enter the menu using the browser
application and type the address: 192.168.4.1 then enter
later like Figure 5.3 and then scan to find out the wireless
devices around us.
Figure 5.3 Scan AP Application Menu ESP8266
Second step: determine the target to be attacked
after determining the target we will be asked to do the type
of attack that will be shown to the target of the choice
there is De-auth, Beacon and Probe-Request we can
choose one or all three of these types of attacks carried out
Figure 5.4 Attacks Application Menu ESP8266
After we choose one of the attacks the ESP8266 module
will restart then after power mode on will continue to
carry out a 'standalone' attack so that the victim cannot
communicate with the AP
Figure 5.5 Illustration of attack
If every attack to AP as illustrated in Figure 5.5 is
considered to be an imperfect AP, it means that the AP has
the opportunity to fail to move the work function of
component A when it fails to go to component B. If the
chance of a successful AP doing its job is Ps, then the
chance of a switch failure will be
Qs = (1 – Ps).
This problem can then be solved by the concept of
conditional probability where:
P (system fault) = P (system fault if AP is successful) x P
(AP success) + P (system fault because AP fault) x P (AP
fault)
The above statement can be translated mathematically
into:
Q = QA.QB.Ps + QA.Qs
= QAQBPs + QA(1-Ps)
= QAQBPs + QA – QAPs
=QA–QAPs(1-QB)............................
If the AP is connected to component B (component A
standby), then :Q=QB–QBPs(1-QA)...........................
Figure 5.6 Standby Redundancy
This mathematical approach to standby redundancy
answers the failure of the system by ensuring the
continuity of connectivity between the STA and the AP
that is attacked, the purpose of which is to keep the user
or STA still getting services to communicate as in Figure
5.7
Figure 5.7 The Access Point is set configuration into
standby Redundancy
Conclusion and recommendation
To fight and defend against attacks due On the de-
authentication frame, the Frame Beacon and Probe
Request frames cannot be avoided by blocking the process
but the solution is to prepare for anticipation of the attack
by proposes a system reliability formula approach by
using Reliability Block Diagrams (RBD) which are
configured redundant to identify attacks, this reactive and
proactive defense strategy is done in a simple way by
using the same SSID with the same password on an AP
network. Our evaluation shows that the proposed solution
successfully identifies and remains the system to survive
the attack, in the future our proposal is to prepare an AP
device with more than one MAC address to anticipate this
type of attack besides having reliability because it has
redundancy capability.
References
[1] A Novel Classification Scheme for 802.11 WLAN Active Attacking
Traffic Patterns Wenzhe Zhou, Alan Marshall and Qiang Gu School of
Electrical & Electronic Engineering, Queen’s University, Belfast,
UK,2006
[2] Detecting and Reducing the Denial of Service attacks in WLANs
Rajeev Singh Department of Computer Engineering GB Pant University,
Pantnagar Udham Singh Nagar (Uttarakhand), India, Teek Parval
Sharma Department of Computer Engineering National Institute of
Technology Hamirpur (H.P.), India 2011
[3] Impact of Metric Selection on Wireless De-Authentication DoS
Attack Performance
Jonny Milliken, Member, IEEE, Valerio Selis, Kian Meng Yap,
Member, IEEE, and Alan Marshall, Senior Member, IEEE, IEEE
WIRELESS COMMUNICATIONS LETTERS, VOL. 2, NO. 5,
OCTOBER 2013
[4] Detection of De-authentication Denial of Service attack in 802.11
networks Mayank Agarwal, Santosh Biswas, Sukumar Nandi
Department of CSE, IIT Guwahati, India 2013 Annual IEEE India
Conference (INDICON)
[5] Analysis of the Implementation Characteristics of DDoS Attacks on
Wi-Fi Networks Andri Dovhan, Maria Grabar Telecommunication
Systems Departament Kharkiv National University of Radio electronics
Kharkiv, Ukraine
[6] Profiling and Mitigating Brute Force Attack in Home Wireless LAN
Mohd Yusof Mohammad Hafiz, Fakariah Hani Mohd Ali Department of
Computer Technology and Networking Faculty of Computer and
Mathematical Sciences, Universiti Teknologi MARA, 40450 Shah
Alam, Selangor, MALAYSIA
[7] Wireless Network Security: Tough Times
Utkarsh Wadhwa B. Tech (3/'d Year) Department of Information
Technology Galgotias College of Engineering and Technology Greater
Noida, India
2015 International Conference on Green Computing and Internet of
Things (ICGCloT)
[8] Detection of De-authentication DoS attacks in Wi-Fi Networks: A
Machine Learning Approach
Mayank Agarwal, Santosh Biswas, Sukumar Nandi Department of
Computer Science & Engineering Indian Institute of Technology,
Guwahati - 781039, India 2015 IEEE International Conference on
Systems, Man, and Cybernetics
[9] Mac Layer Management Frame Denial of Service Attacks
Jaspreet Kaur Department of Information Technology Indira Gandhi
Delhi Technical University for Women, Delhi, India
2016 International Conference on Micro-Electronics and
Telecommunication Engineering
[10] Detection and Mitigation of Wireless Link Layer Attacks
May Aye Chan Aung, Khin Phyo Thant Myanmar University of
Computer Studies, Mandalay, Myanmar IEEE SERA 2017, June 7-9,
2017, London, UK
[11] FADEWICH: Fast Deauthentication over the Wireless Channel
Mauro Conti University of Padua,Italy, Giulio Lovisotto University of
Oxford,UK, Ivan Martinovic University of Oxford UK, Gene Tsudik
University of California, Irvine USA.
2017 IEEE 37th International Conference on Distributed Computing
Systems
[12] Identifying Malicious Traffic in Software-Defined Wireless Local
Area Networks
Radoslaw Cwalinski and Hartmut Koenig Computer Networks and
Communication Systems Group, Brandenburg University of
Technology Cottbus-Senftenberg, de.
2018 Workshop on Computing, Networking and Communications (CNC)
[13] A Mesh Network Reliability Analysis Using Reliability Block
Diagram
Cheng-Min Lin, Hui-Kang Teng†, Cheng-Chih Yang‡, Hwei-Li Weng*,
Ming-Cheng Chung, Chiu-Chiao Chung Department of Computer and
Communication Engineering, Nan Kai University of Technology
Graduate Institute of Electrical Engineering, Nan Kai University of
Technology, 2010 IEEE
[14] Formal Reliability Analysis of Wireless Sensor Network Data
Transport Protocols using HOL
Waqar Ahmed and Osman Hasan School of Electrical Engineering and
Computer Science National University of Sciences and Technology
Islamabad, Pakistan, Sofi`ene Tahar Department of Electrical and
Computer Engineering Concordia University Montreal, QC, Canada,
The Second International Workshop on Cooperative Wireless Networks
– 2015
[15] RELIABILITY OF COMPUTER SYSTEMS AND NETWORKS,
BOOK
Martin L. Shoom, 2002, JOHN WILEY publishing since 1807
[16] Reliability Analysis of a Wireless Transmission as a Repairable
system
Raja Sattiraju, Pratip Chakraborty and Hans D. Schotten University of
Kaiserslautern
Kaiserslautern, Germany Globecom 2014 Workshop - Ultra-Low
Latency and Ultra-High Reliability in Wireless Communication
[17] ESP8266 based Implementation of Wireless Sensor Network with
Linux Based Web-Server Tejas Thaker M.E.-VLSI AND ESD GTU PG
SCHOOL Gandhinagar, India 2016 Symposium on Colossal Data
Analysis and Networking (CDAN)
[18] Implementation of WiFi-Based Single Phase Smart Meter for
Internet of Things (IoT) Win Hlaing The Sirindhorn International Thai-
German Graduate School of Engineering (TGGS) King Mongkut’s
University of Technology North Bangkok,Thailand 5th International
Electrical Engineering Congress, Pattaya, Thailand, 8-10 March 2017
[19] Estimate Distance Measurement using NodeMCU ESP8266 based
on RSSI Technique Suvankar Barai1, Debajyoti Biswas2 and
Buddhadeb Sau3 Department of Mathematics, Jadavpur University,
Kolkata- 700032, India, Proceedings of 2017 IEEE CAMA, Tsukuba,
Japan
[20] IOT Based Controlling of Hybrid Energy System using ESP8266
Prakhar Srivastava Department of Electrical Engineering DIT University
Dehradun, India
Mohit Bajaj Department of Electrical Engineering NIT Delhi Delhi,
India
Ankur Singh Rana Department of Electrical Engineering Jamia Millia
Islamia Delhi, India 2018 IEEMA Engineer Infinite Conference
(eTechNxT)
[21] Ebeling, Charles E. (1997), An Introduction to Reliability and
Maintainability Engineering, Me Graw Hill Book Co., Singapore.
[22] Optimal Reliability Modeling: Principles and Applications. Front
Cover. Way Kuo, Ming J. Zuo. John Wiley & Sons, Feb 17, 2003