BibTex RIS Cite

-

Year 2013, Volume: 6 Issue: 3, 17 - 23, 18.01.2014

Deniz Mertkan Gezgin Ercan Buluş

Abstract

With the development of wireless networks and the increase in their usage, the security of wireless networks has taken the centre stage. Various attack techniques that were previously used in wired networks have started to be used also in wireless networks. One of the major attacks is the one that is generalized as DoS (Denial of Service). Several wireless device producing companies have developed security policies against DoS attacks and tried to prevent them. However, in some of the fields that these devices are used, some security vulnerabilities have been observed. DoS attack techniques have been classified initially in this study. Afterwards, a program has been developed in Vbasic programming language in order to test the vulnerabilities of wireless networks in public places against DoS attacks. The attack types that were realized are TCP (Transmission Control Protocol) Flood, UDP (User Datagram Protocol) Flood and Ping Flood. Consequently, the attacks have been successful.

Keywords

DoS-denial of service ping flood tcp flood mac spoofing access points wireless networks

References

  • (REFERENCES) Abramov, Raz, and Amir Herzberg. "TCP Ack storm DoS attacks." Computers & Security (2012), Volume 33, March 2013, Pages 12–27
  • E. Bulus, “Designing attacks for SMTP servers”, International Journal of Computer Systems Science and Engineering 26-1, Jan 2011, pages: 43-48.
  • G. Carl, R.R. Brooks, S. Rai, Wavelet based Denial of service detection, Computers &Security 25, 2006, pages 600-615
  • K. R. David, “Remote Denial of Service Attacks and Countermeasures,” Princeton University Department of Electrical Engineering Technical Report CEL2001-002, Oct 2001.
  • Denial of Service, http://www.texascollaborative.org/SmithModule01/sec1_con.php, June 2009
  • C. Dougligeris, A. Mitrokotsa, DDos attacks and defense mechanisms: classification and state-of-the-art, Computer Networks 44 , 2004, pages 643-666.
  • Dwl-2100AP High Speed 2.4Ghz (802.11g) Wireless 108Mbps Access Point, http://www.dlink.com/products/?pid=292
  • S. Han, E. Chang, T. Dillon, Pairing-based public-key encryption schemes with backward-and-forward security, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 1, January 2008, pages: 303-308.
  • P.K. Hussain, T. Dillon, E. Chang, F. Hussain, Transactional riskbased decision making system in e-business interactions, International Journal of Computer Systems Science and Engineering, Volume 25, Issue: 1, January 2010, pages: 15-28.
  • S. Kumar, Ping attack-How pad is it?, Computers&Security 25, 2006, pages 332-337.
  • F.Y. Lee, S. Shieh, Defending against spoofed DDoS attacks with path fingerprint, Computers&Security 24, 2005, pages 571-586.
  • P. Lisa, “A list of wirelesses network attacks”, SearchSecurity.com, 26 June 2009.
  • M. Bernaschi, F. Ferreri, L.Valcamonici, “Access points vulnerabilities to DoS Attacks in 802.11 networks” Springer Science-Business Media, LLC 2006, 9 October 2006. Macshift.exe, Change your MAC address, http://devices.natetrue.com/macshift/, August 2004
  • Mindi McDowell, “Understanding Denial of Servers Attacks”, United States Computer Emergency Readiness Team (USCERT), 4 November 2009. Microsoft Güvenlik Merkezi, “Botnet nedir”, http://www.microsoft.com/tr-tr/security/resources/botnetwhatis.aspx,2012 Netmaster wireless gateway modem, http://www.netmaster.com.tr/urunler/cbw-560
  • P. Payal, T. Gaurav, C. Rashmi,“Spoofing Media Access Control (MAC) and its Counter Measures”, Published in International Journal of Advanced Engineering & Application, Jan. 2010.
  • Port Numbers, http://www.iana.org/assignments/port-numbers, last updated 2011-04-29.
  • M.S. Stephen, B.L. Ruby, “Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures” Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, 2004 International Workshop on Security in Parallel and Distributed Systems, pp. 543-550, September 2004.
  • U.K. Tupakula, V. Varadharajan, A Hybrid Model against TCP SYN and Reflection DDos attacks, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 3, May 2008, pages: 153-166.
  • Verma, Karan, Halabi Hasbullah, and Ashok Kumar, "An efficient defense method against UDP spoofed flooding traffic of denial of service (DoS) attacks in VANET." Advance Computing Conference (IACC), 2013 IEEE 3rd International. IEEE, 2013.
  • Winsock.exe, SAMPLE: Winsock.exe Getting Host Address Using Windows Sockets Article ID:154512, http://support.microsoft.com, Microsoft, August 200

Kablosuz Ağlar için bir DoS Saldırısı Tasarımı

Year 2013, Volume: 6 Issue: 3, 17 - 23, 18.01.2014

Deniz Mertkan Gezgin Ercan Buluş

Abstract

Özet: Kablosuz ağların gelişimi ve kullanımlarının artışı ile bu ağların güvenliğinin sağlaması hususu ön plana çıkmıştır. Kablolu ağlarda bu güne dek kullanılagelmiş olan çeşitli saldırı tipleri, aynı şekilde kablosuz ağlarda da kullanılır olmuştur. En sık görülen saldırı tiplerinden biri, DoS (Denial of Service – Hizmet Reddi) şeklinde sınıflandırılmış olan saldırı çeşididir.  Kablosuz Ağ donanımı imal eden belli başlı şirketler, bu DoS saldırılarına karşı güvenlik politikaları geliştirmiş ve bunları önlemeye çabalamıştır. Ancak, bu kablosuz cihazların kullanıldığı kimi sahalarda birtakım güvenlik zafiyetleri gözlemlenmiştir. Bu çalışmada ilk olarak DoS saldırı teknikleri sınıflandırılmıştır. Ardından, kamuya açık alanlardaki kablosuz ağların DoS saldırılarına karşı zafiyetlerini test etmek için Vbasic programlama dili kullanılarak bir program yazılmıştır. Gerçekleştirilen saldırı tipleri, TCP (Transmission Control Protocol) Taşma saldırısı, UDP (User Datagram Protocol) Taşma saldırısı ve Ping Taşma saldırısı olmuştur. Neticede, gerçekleştirilen saldırılar başarılı olmuştur. 

Keywords

DoS-Denial of Service Hizmet Reddi Ping Flood Tcp Flood Mac Spoofing Erişim Noktası Kablosuz Ağlar

References

  • (REFERENCES) Abramov, Raz, and Amir Herzberg. "TCP Ack storm DoS attacks." Computers & Security (2012), Volume 33, March 2013, Pages 12–27
  • E. Bulus, “Designing attacks for SMTP servers”, International Journal of Computer Systems Science and Engineering 26-1, Jan 2011, pages: 43-48.
  • G. Carl, R.R. Brooks, S. Rai, Wavelet based Denial of service detection, Computers &Security 25, 2006, pages 600-615
  • K. R. David, “Remote Denial of Service Attacks and Countermeasures,” Princeton University Department of Electrical Engineering Technical Report CEL2001-002, Oct 2001.
  • Denial of Service, http://www.texascollaborative.org/SmithModule01/sec1_con.php, June 2009
  • C. Dougligeris, A. Mitrokotsa, DDos attacks and defense mechanisms: classification and state-of-the-art, Computer Networks 44 , 2004, pages 643-666.
  • Dwl-2100AP High Speed 2.4Ghz (802.11g) Wireless 108Mbps Access Point, http://www.dlink.com/products/?pid=292
  • S. Han, E. Chang, T. Dillon, Pairing-based public-key encryption schemes with backward-and-forward security, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 1, January 2008, pages: 303-308.
  • P.K. Hussain, T. Dillon, E. Chang, F. Hussain, Transactional riskbased decision making system in e-business interactions, International Journal of Computer Systems Science and Engineering, Volume 25, Issue: 1, January 2010, pages: 15-28.
  • S. Kumar, Ping attack-How pad is it?, Computers&Security 25, 2006, pages 332-337.
  • F.Y. Lee, S. Shieh, Defending against spoofed DDoS attacks with path fingerprint, Computers&Security 24, 2005, pages 571-586.
  • P. Lisa, “A list of wirelesses network attacks”, SearchSecurity.com, 26 June 2009.
  • M. Bernaschi, F. Ferreri, L.Valcamonici, “Access points vulnerabilities to DoS Attacks in 802.11 networks” Springer Science-Business Media, LLC 2006, 9 October 2006. Macshift.exe, Change your MAC address, http://devices.natetrue.com/macshift/, August 2004
  • Mindi McDowell, “Understanding Denial of Servers Attacks”, United States Computer Emergency Readiness Team (USCERT), 4 November 2009. Microsoft Güvenlik Merkezi, “Botnet nedir”, http://www.microsoft.com/tr-tr/security/resources/botnetwhatis.aspx,2012 Netmaster wireless gateway modem, http://www.netmaster.com.tr/urunler/cbw-560
  • P. Payal, T. Gaurav, C. Rashmi,“Spoofing Media Access Control (MAC) and its Counter Measures”, Published in International Journal of Advanced Engineering & Application, Jan. 2010.
  • Port Numbers, http://www.iana.org/assignments/port-numbers, last updated 2011-04-29.
  • M.S. Stephen, B.L. Ruby, “Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures” Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, 2004 International Workshop on Security in Parallel and Distributed Systems, pp. 543-550, September 2004.
  • U.K. Tupakula, V. Varadharajan, A Hybrid Model against TCP SYN and Reflection DDos attacks, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 3, May 2008, pages: 153-166.
  • Verma, Karan, Halabi Hasbullah, and Ashok Kumar, "An efficient defense method against UDP spoofed flooding traffic of denial of service (DoS) attacks in VANET." Advance Computing Conference (IACC), 2013 IEEE 3rd International. IEEE, 2013.
  • Winsock.exe, SAMPLE: Winsock.exe Getting Host Address Using Windows Sockets Article ID:154512, http://support.microsoft.com, Microsoft, August 200
There are 20 citations in total.

Details

Primary Language Turkish
Journal Section Articles
Authors

Deniz Mertkan Gezgin

Ercan Buluş This is me

Publication Date January 18, 2014
Submission Date July 24, 2013
Published in Issue Year 2013 Volume: 6 Issue: 3

Cite

APA Gezgin, D. M., & Buluş, E. (2014). Kablosuz Ağlar için bir DoS Saldırısı Tasarımı. Bilişim Teknolojileri Dergisi, 6(3), 17-23.
 Download Cover Image