Vulnerabilities Exposing IEEE 802.16e Networks to DoS Attacks: A Survey

Naseer, Sheraz; Younus, Mohammed; Ahmed, Abu Shohel

doi:10.1109/snpd.2008.104

Cited by 17 publications

(31 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is different from previous work and attacks analyzed by [2], [4], [6], [11] due to the inconspicuous nature of such an attack. In this scenario, attackers act as client subscribers and ignore parameter values they are assigned by choosing values that degrade the QoS of other SS's.…”

Section: Experimental Design 31 Problem Definitioncontrasting

confidence: 96%

Cost-effective quality assurance of wireless network security

Cameron

Brooks

Deng

2013

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

View full text Add to dashboard Cite

Wireless communication is a common part of modern society, incorporated into new products and services bringing additional security risks and requirements. To meet these needs and assure quality assurance, thorough wireless security testing needs to be completed before new products or services are released. Meticulous testing is expensive, consuming resources and time. This paper presents a general method for network security analysis and experimentation that reduces time and costs. Factorial experiment design tests multiple factors in parallel, while producing robust, repeatable and statistically significant results by treating all other parameters as noise when testing first order effects. Also, second and third order effects can be analyzed with less significance. This paper presents this approach used in the experimental design and statistical analysis of a WiMAX denial of service (DoS) attack targeting bandwidth contention resolution system parameters of IEEE 802.16e. We outline how this approach can be used as a cost-effective method for network security analysis.

show abstract

Section: Experimental Design 31 Problem Definitioncontrasting

confidence: 96%

Cost-effective quality assurance of wireless network security

Cameron

Brooks

Deng

2013

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

View full text Add to dashboard Cite

show abstract

“…In this section, we will focus on the security threats that apply to WiMAX networks [Andrews et al 2007;Barbeau 2005;Naseer et al 2008;Xu et al 2006]. These security threats can be divided into two categories: PHY layer threats and MAC layer threats.…”

Section: A13 Further Discussion On Wimax Securitymentioning

confidence: 99%

“…Unfortunately, when WiMAX network operators choose not to use EAP-based mutual authentication, the subscriber stations are vulnerable to MITM attacks of various kinds [Barbeau 2005;Naseer et al 2008;Xu et al 2006]. Without mutual authentication, the base station will be able to verify the subscriber identity, yet the subscriber has to trust that the base station is authentic.…”

Section: Mac Layer Threatsmentioning

confidence: 99%

A Survey of Wireless Communications for the Electric Power System

Akyol¹,

Kirkham²,

Clements³

et al. 2010

View full text Add to dashboard Cite

Executive SummaryA key mission of the U.S. Department of Energy (DOE) Office of Electricity Delivery and Energy Reliability (OE) is conducting research and development to enhance the security and reliability of the nation's energy infrastructure. Improving the security of control systems, which enable the automated control of our energy production and distribution, is critical for protecting the energy infrastructure and the integral function that it serves. The DOE-OE Control Systems Security Program is actively pursuing advanced security solutions for control systems.The focus of this report is analyzing how, where, and what type of wireless communications are suitable for deployment in the electric power system and to inform implementers of their options in wireless technologies. The discussions in this report are applicable to enhancing both the communications infrastructure of the current electric power system and new smart system deployments.The work described in this report includes a survey of the following wireless technologies: In this document, we provide a concise summary of the technical underpinnings of each wireless technology. We also outline the feature set and the strengths and weaknesses of each technology. Our intent is to provide enough detail to our readers such that when considering wireless for a particular application, they will know enough to ask the right questions to get the features and capabilities desired.For obtaining data communications coverage quickly and inexpensively over a large geographic area, both WiMAX and 3G/4G cellular technologies should be considered. WiMAX at the present holds a bandwidth and latency advantage over 3G cellular communications; however, with the imminent LTE deployment from multiple carriers, we believe this advantage will be short-lived. Unlike WiMAX deployments, LTE will mostly reuse existing cellular networks and should be a straightforward evolution of the 3G cellular networks. Both of these technologies operate over licensed spectrum and therefore should be protected against unintended interference. In terms of scalability, we know that the cellular networks are capable of accommodating hundreds of millions of subscribers while providing both voice and data communications. WiMAX networks have been deployed to provide wireless local loop service successfully. However, presently, WiMAX networks only support a small fraction of users compared to 3G cellular networks. Whether using WiMAX or 3G/4G cellular, we recommend a combination of application-level security and virtual private networking (VPN) for transporting electric power system information over these public networks.For creating a wireless sensor network for both data gathering and command/control applications, there are three alternatives, all based on the IEEE 802.15.4 protocol stack: ZigBee, WirelessHART, and ISA100.11a. We expect ZigBee to be a common choice for electric power system networking within the iv home. While there are legitimate concerns for the security properties of ZigBee ...

show abstract

“…In [4], the security issues on Privacy and Key Management (PKM), such as replay attack and interleaving attack, were discussed and some solutions were proposed. Moreover, the vulnerabilities leading to DoS attacks in IEEE 802.16e were discussed in [5] polynomial-based key generation for IEEE 802.16m networks was given in [7]. Its key purpose is to enhance the multi-hop relay security authentication among relay stations and base stations in IEEE 802.16m.…”

Section: Related Workmentioning

confidence: 99%

“…The security sublayer provides subscribers with privacy, authentication or confidentiality across the wireless network. However, many security vulnerabilities, such as interleaving This [3][4][5]. The security sublayer in IEEE 802.16m is amended to address the found security vulnerabilities and satisfy the new security requirements in the IMT-advanced environments.…”

Section: Introductionmentioning

confidence: 99%

EKMP: An enhanced key management protocol for IEEE 802.16m

Zhang

Zhu

et al. 2011

2011 IEEE Wireless Communications and Networking Conference

View full text Add to dashboard Cite

Recently, IEEE 802.16m was submitted to the ITU and acknowledged as the candidate technology of the IMT-advanced standardization. In this paper, we point out several security issues, such as key agreement blocking and Denial of Service (DoS) attacks, of the key management protocol in IEEE 802.16m. To address the found security issues, we propose an enhanced key management protocol, named as EKMP, which extends the pairwise master key and adds the integrity protection to all key agreement messages. EKMP can not only provide advanced relay station access but also avoid key agreement blocking and DoS attacks. In particular, our scheme is provably secure in the Canetti-Krawczyk model. Furthermore, our theoretical analysis shows that EKMP is much more efficient in terms of communication overhead and memory requirement. Index Terms-802.16m; Denial of Service (DoS); provable security; Canetti-Krawczyk (CK). VI. PERFORMANCE EVALUATIONWe analyze the EKMP's performance form three metrics, communication overhead (i.e. authentication latency), memory requirement and computational cost, by compared with the original proposal in IEEE 802.16m.Communication overhead The communication overhead represents the handover times for authentication and key distribution. Typically, the communication overhead is the most important factor to evaluate the efficiency of a handover authentication protocol. In this analysis, communication overhead for the common message exchanges such as for the initial authentication are not included.

show abstract

Vulnerabilities Exposing IEEE 802.16e Networks to DoS Attacks: A Survey

Cited by 17 publications

References 4 publications

Cost-effective quality assurance of wireless network security

Cost-effective quality assurance of wireless network security

A Survey of Wireless Communications for the Electric Power System

EKMP: An enhanced key management protocol for IEEE 802.16m

Contact Info

Product

Resources

About