Yıl 2013,
Cilt: 6 Sayı: 3, 17 - 23, 18.01.2014
Deniz Mertkan Gezgin
,
Ercan Buluş
Öz
With the development of wireless networks and the increase in their usage, the security of wireless networks has taken the centre stage. Various attack techniques that were previously used in wired networks have started to be used also in wireless networks. One of the major attacks is the one that is generalized as DoS (Denial of Service). Several wireless device producing companies have developed security policies against DoS attacks and tried to prevent them. However, in some of the fields that these devices are used, some security vulnerabilities have been observed. DoS attack techniques have been classified initially in this study. Afterwards, a program has been developed in Vbasic programming language in order to test the vulnerabilities of wireless networks in public places against DoS attacks. The attack types that were realized are TCP (Transmission Control Protocol) Flood, UDP (User Datagram Protocol) Flood and Ping Flood. Consequently, the attacks have been successful.
Kaynakça
- (REFERENCES) Abramov, Raz, and Amir Herzberg. "TCP Ack storm DoS attacks." Computers & Security (2012), Volume 33, March 2013, Pages 12–27
- E. Bulus, “Designing attacks for SMTP servers”, International Journal of Computer Systems Science and Engineering 26-1, Jan 2011, pages: 43-48.
- G. Carl, R.R. Brooks, S. Rai, Wavelet based Denial of service detection, Computers &Security 25, 2006, pages 600-615
- K. R. David, “Remote Denial of Service Attacks and Countermeasures,” Princeton University Department of Electrical Engineering Technical Report CEL2001-002, Oct 2001.
- Denial of Service, http://www.texascollaborative.org/SmithModule01/sec1_con.php, June 2009
- C. Dougligeris, A. Mitrokotsa, DDos attacks and defense mechanisms: classification and state-of-the-art, Computer Networks 44 , 2004, pages 643-666.
- Dwl-2100AP High Speed 2.4Ghz (802.11g) Wireless 108Mbps Access Point, http://www.dlink.com/products/?pid=292
- S. Han, E. Chang, T. Dillon, Pairing-based public-key encryption schemes with backward-and-forward security, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 1, January 2008, pages: 303-308.
- P.K. Hussain, T. Dillon, E. Chang, F. Hussain, Transactional riskbased decision making system in e-business interactions, International Journal of Computer Systems Science and Engineering, Volume 25, Issue: 1, January 2010, pages: 15-28.
- S. Kumar, Ping attack-How pad is it?, Computers&Security 25, 2006, pages 332-337.
- F.Y. Lee, S. Shieh, Defending against spoofed DDoS attacks with path fingerprint, Computers&Security 24, 2005, pages 571-586.
- P. Lisa, “A list of wirelesses network attacks”, SearchSecurity.com, 26 June 2009.
- M. Bernaschi, F. Ferreri, L.Valcamonici, “Access points vulnerabilities to DoS Attacks in 802.11 networks” Springer Science-Business Media, LLC 2006, 9 October 2006. Macshift.exe, Change your MAC address, http://devices.natetrue.com/macshift/, August 2004
- Mindi McDowell, “Understanding Denial of Servers Attacks”, United States Computer Emergency Readiness Team (USCERT), 4 November 2009. Microsoft Güvenlik Merkezi, “Botnet nedir”, http://www.microsoft.com/tr-tr/security/resources/botnetwhatis.aspx,2012 Netmaster wireless gateway modem, http://www.netmaster.com.tr/urunler/cbw-560
- P. Payal, T. Gaurav, C. Rashmi,“Spoofing Media Access Control (MAC) and its Counter Measures”, Published in International Journal of Advanced Engineering & Application, Jan. 2010.
- Port Numbers, http://www.iana.org/assignments/port-numbers, last updated 2011-04-29.
- M.S. Stephen, B.L. Ruby, “Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures” Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, 2004 International Workshop on Security in Parallel and Distributed Systems, pp. 543-550, September 2004.
- U.K. Tupakula, V. Varadharajan, A Hybrid Model against TCP SYN and Reflection DDos attacks, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 3, May 2008, pages: 153-166.
- Verma, Karan, Halabi Hasbullah, and Ashok Kumar, "An efficient defense method against UDP spoofed flooding traffic of denial of service (DoS) attacks in VANET." Advance Computing Conference (IACC), 2013 IEEE 3rd International. IEEE, 2013.
- Winsock.exe, SAMPLE: Winsock.exe Getting Host Address Using Windows Sockets Article ID:154512, http://support.microsoft.com, Microsoft, August 200
Kablosuz Ağlar için bir DoS Saldırısı Tasarımı
Yıl 2013,
Cilt: 6 Sayı: 3, 17 - 23, 18.01.2014
Deniz Mertkan Gezgin
,
Ercan Buluş
Öz
Özet: Kablosuz ağların gelişimi ve kullanımlarının artışı ile bu ağların güvenliğinin sağlaması hususu ön plana çıkmıştır. Kablolu ağlarda bu güne dek kullanılagelmiş olan çeşitli saldırı tipleri, aynı şekilde kablosuz ağlarda da kullanılır olmuştur. En sık görülen saldırı tiplerinden biri, DoS (Denial of Service – Hizmet Reddi) şeklinde sınıflandırılmış olan saldırı çeşididir. Kablosuz Ağ donanımı imal eden belli başlı şirketler, bu DoS saldırılarına karşı güvenlik politikaları geliştirmiş ve bunları önlemeye çabalamıştır. Ancak, bu kablosuz cihazların kullanıldığı kimi sahalarda birtakım güvenlik zafiyetleri gözlemlenmiştir. Bu çalışmada ilk olarak DoS saldırı teknikleri sınıflandırılmıştır. Ardından, kamuya açık alanlardaki kablosuz ağların DoS saldırılarına karşı zafiyetlerini test etmek için Vbasic programlama dili kullanılarak bir program yazılmıştır. Gerçekleştirilen saldırı tipleri, TCP (Transmission Control Protocol) Taşma saldırısı, UDP (User Datagram Protocol) Taşma saldırısı ve Ping Taşma saldırısı olmuştur. Neticede, gerçekleştirilen saldırılar başarılı olmuştur.
Kaynakça
- (REFERENCES) Abramov, Raz, and Amir Herzberg. "TCP Ack storm DoS attacks." Computers & Security (2012), Volume 33, March 2013, Pages 12–27
- E. Bulus, “Designing attacks for SMTP servers”, International Journal of Computer Systems Science and Engineering 26-1, Jan 2011, pages: 43-48.
- G. Carl, R.R. Brooks, S. Rai, Wavelet based Denial of service detection, Computers &Security 25, 2006, pages 600-615
- K. R. David, “Remote Denial of Service Attacks and Countermeasures,” Princeton University Department of Electrical Engineering Technical Report CEL2001-002, Oct 2001.
- Denial of Service, http://www.texascollaborative.org/SmithModule01/sec1_con.php, June 2009
- C. Dougligeris, A. Mitrokotsa, DDos attacks and defense mechanisms: classification and state-of-the-art, Computer Networks 44 , 2004, pages 643-666.
- Dwl-2100AP High Speed 2.4Ghz (802.11g) Wireless 108Mbps Access Point, http://www.dlink.com/products/?pid=292
- S. Han, E. Chang, T. Dillon, Pairing-based public-key encryption schemes with backward-and-forward security, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 1, January 2008, pages: 303-308.
- P.K. Hussain, T. Dillon, E. Chang, F. Hussain, Transactional riskbased decision making system in e-business interactions, International Journal of Computer Systems Science and Engineering, Volume 25, Issue: 1, January 2010, pages: 15-28.
- S. Kumar, Ping attack-How pad is it?, Computers&Security 25, 2006, pages 332-337.
- F.Y. Lee, S. Shieh, Defending against spoofed DDoS attacks with path fingerprint, Computers&Security 24, 2005, pages 571-586.
- P. Lisa, “A list of wirelesses network attacks”, SearchSecurity.com, 26 June 2009.
- M. Bernaschi, F. Ferreri, L.Valcamonici, “Access points vulnerabilities to DoS Attacks in 802.11 networks” Springer Science-Business Media, LLC 2006, 9 October 2006. Macshift.exe, Change your MAC address, http://devices.natetrue.com/macshift/, August 2004
- Mindi McDowell, “Understanding Denial of Servers Attacks”, United States Computer Emergency Readiness Team (USCERT), 4 November 2009. Microsoft Güvenlik Merkezi, “Botnet nedir”, http://www.microsoft.com/tr-tr/security/resources/botnetwhatis.aspx,2012 Netmaster wireless gateway modem, http://www.netmaster.com.tr/urunler/cbw-560
- P. Payal, T. Gaurav, C. Rashmi,“Spoofing Media Access Control (MAC) and its Counter Measures”, Published in International Journal of Advanced Engineering & Application, Jan. 2010.
- Port Numbers, http://www.iana.org/assignments/port-numbers, last updated 2011-04-29.
- M.S. Stephen, B.L. Ruby, “Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures” Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, 2004 International Workshop on Security in Parallel and Distributed Systems, pp. 543-550, September 2004.
- U.K. Tupakula, V. Varadharajan, A Hybrid Model against TCP SYN and Reflection DDos attacks, International Journal of Computer Systems Science and Engineering, Volume 23, Issue: 3, May 2008, pages: 153-166.
- Verma, Karan, Halabi Hasbullah, and Ashok Kumar, "An efficient defense method against UDP spoofed flooding traffic of denial of service (DoS) attacks in VANET." Advance Computing Conference (IACC), 2013 IEEE 3rd International. IEEE, 2013.
- Winsock.exe, SAMPLE: Winsock.exe Getting Host Address Using Windows Sockets Article ID:154512, http://support.microsoft.com, Microsoft, August 200