无线局域网802.11i安全加密技术探索

由于传输媒体的开放性,利用无线局域网进行通信要求其具有更高更完善的保密性能。通过分析无线局域网在网络安全方面的特性,提出无线局域网的安全框架和层次化的网络安全技术。并对IEEE802.11i协议的体系结构,数据加密技术IEEE802.11i进行剖析,探讨CCMP协议的工作安全性能。     

基于接入控制器模式的公共无线局域网安全体系设计

公共无线局域网面临网络安全、用户数据保护、身份认证、移动管理及网络服务等多方面的挑战。将现有的公共无线局域网分为WISP—owned,Operator—owned以及for Enterprise 3种类型,并分别讨论了各种类型的特征及其架构。在此基础上提出一种基于接入控制器模式的通用安全体系,可应用于目前大多数类型的公共无线局域网。提出了一种802．1X和Web认证的混合型认证协议,该协议在进行Web认证时将利用802．1X协商后产生的密钥进行,可有效地抵抗窃取服务、基站伪装、消息窃听等攻击,并与现有公共无线局域网Web认证相兼容。     

无线局域网安全策略研究

文章介绍了无线局域网的安全风险和安全需求,分析了IEEE802．11b标准采用的WEP方案及其安全漏洞,并进一步分析了WEP改进方案WEP2、WEP密钥散列、提供集中认证和动态密钥分发功能的EAP／802．1X、四次握手协议以及基于IPSec标准的安全方案,并提出WLAN安全方案实施策略。     

无线接入点WAPI认证机制的研究与实现

随着无线局域网技术的广泛应用，新的无线局域网安全标准被提出以增强无线局域网的安全性能。在分析WAPI(WLAN Authentication and Privacy Infrastructure)标准的技术特征和基本架构的基础上，介绍了无线接入点对WAPI认证机制的实现机理和具体流程，并对WAPI认证机制的性能进行测试分析。     

基于IEEE802.11无线局域网的研究

为了达到在任何时间、任何地点和任何人均能进行数据通信的目标,传统的计算机网络需要由有线向无线、由固定向移动、由单一业务向多媒体发展。无线局域网(WLAN),正在以它的高度灵活性、移动性、低成本和日益提高的传输能力发挥着越来越重要的作用,成为未来网络发展的主流形式之一。本文首先介绍了IEEE802.11协议家族,详细分析了IEEE802.11无线局域网系统体系结构和协议体系结构。总结了它的特点和优势。     

BDCF——支持双向传输的无线局域网协议

为了充分利用无线局域网有限的频率和带宽资源,提出了一种新的支持双向传输的媒体接入控制(MAC)协议.该协议将两个方向互逆的数据分组合并在一个帧交换序列中进行传输,从而减少链路层与物理层的开销,节省宝贵的带宽资源.建模及仿真结果表明,与其他MAC协议相比,该协议明显提高双向流的平均吞吐量,同时保持与标准802.11分布式...     

无线局域网面临的安全问题及其检测的方法的探索

无线局域网是在互联网中以无线媒体或介质进行通信的网络,彻底避免有线网络线缆对用户的束缚。典型的技术是IEEE802.11系列标准,传输速率在11～54Mbps,802.11n标准的出台使其传输速率最高可达到300Mbps。近年来,无线局域网的发展非常迅速并且得到广泛的应用。然而,无线局域网面临的安全问题也是不容忽视的。基于此,进行关于无线局域网面临的安全问题及其检测的方法的探索具有非常重要的意义。结合当前无线局域网的具体发展状况对无线局域网面临的安全问题及其检测的方法进行深入的探索。     

无线局域网的加速

无线局域网即WLAN,目前速度级别都处于802.11b标准,支持的最大数据传输率是54Mbps。现如今对网络速度的要求越来越高,随着大多笔记本电脑都配备802.11n标准的无线网卡,可以支持最大为300Mbps的数据传输率,那么如何升级加速现有的无线局域网也是现代企业面临的现实问题。将为您介绍升级无线LAN具体操作。     

EAP-FAST在公共无线局域网安全接入控制中的研究及实现

Cisco公司于2004年提出基于隧道的灵活认证协议（EAP-FAST）以替代存在安全漏洞的LEAP认证协议，该协议具有安全性和易部署性的特点。文章论述了基于8021x协议的EAP-FAST认证协议及其实现技术，并在公共无线局域网(PWLAN)综合实验平台上实现了EAP-FAST认证的客户端、认证者、认证服务器端功能。     

蓝牙与Wi-Fi信道占用分析

由于共享2.4G ISM频段,使得蓝牙网络与Wi-Fi(IEEE 802.11b)无线局域网之间存在干扰.简单的分析蓝牙网络与IEEE 802.11b无线局域网之间存在干扰情况,并对克服干扰,实现两者共存诸方法进行分析与评述.     

Energy efficiency modelling for IEEE 802.11a distribution coordination function system without finite retry limits

Use of IEEE 802.11 wireless local area networks (WLANs) as an extension to existing wired networks, offering both mobility and portability in a residential or office environment, is growing at an unprecedented rate. One of the critical limitations of current WLANs is the limited energy storage of mobile devices, and the design of energy-efficient protocols for WLANs has therefore become an area of intensive research. An analytical framework to study the energy consumption and energy efficiency of IEEE 802.11a WLANs is proposed. The energy consumption by considering the interactions between IEEE 802.11a PHY and MAC layers is modelled. Simulation results demonstrate that the theoretical model is accurate in predicting the energy efficiency over a wide range of scenarios. In addition, the effects of different PHY and MAC layer parameters on energy efficiency of IEEE 802.11a WLANs are investigated, as are the effects of different parameters on energy efficiency.     

A certificateless public key encryption based return routability protocol for next-generation IP mobility to enhance signalling security and reduce latency

IPv6 mobility is an IETF standard that has added roaming capabilities of mobile node (MN). It allows MNs to travel from one network to another without any distraction in communication service. MNs register their current location to home stations and correspondent hosts via a process known as binding update. In IPv6 mobility, return routability protocol (RRP) is a standard procedure for updating the current location of MNs through binding update message to their communicants. However, RRP has several security threats and issues. Subsequently, RRP was integrated with identity-based encryption for improvement of security. Nevertheless, it suffers from some limitations such as inherent key escrow problem, lack of key revocation, high computational load and latency while providing security. Hence, this paper proposes a novel approach called optimised RRP using certificateless public key encryption to address these issues. The proposed protocol is simulated and validated using Automated Validation of Internet Security Protocols and Applications (AVISPA) – a model checker. Finally, the simulation and numerical results illustrate the extent to which the proposed protocol surpasses the existing method in terms of enhanced security and significant reduction in communication payload with minimised latency.     

Performance analysis of IEEE 802.11 DCF and 802.11e EDCA based on queueing networks

The authors propose a new analytical model based on BCMP closed queueing networks in order to evaluate the performance of IEEE 802.11 DCF MAC protocol when all nodes are in the transmission range of each other, that is, a single hop wireless ad hoc network. By the proposed model, some performance metrics such as saturation and non-saturation throughput, distributions of channel access delay and the number of packets in the MAC buffer are derived. An extension of the proposed model is used for the analysis of IEEE 802.11e EDCA and the same performance metrics are evaluated for this protocol. Analytical results on IEEE 802.11e prove that differentiation in service is possible and channel share for each service type may be well assigned by tuning the MAC protocol parameters. Simulation results show consistency with our analytical results.     

A Secure Communication Protocol for Unmanned Aerial Vehicles

Mavlink is a lightweight and most widely used open-source communication protocol used for Unmanned Aerial Vehicles. Multiple UAVs and autopilot systems support it, and it provides bi-directional communication between the UAV and Ground Control Station. The communications contain critical information about the UAV status and basic control commands sent from GCS to UAV and UAV to GCS. In order to increase the transfer speed and efficiency, the Mavlink does not encrypt the messages. As a result, the protocol is vulnerable to various security attacks such as Eavesdropping, GPS Spoofing, and DDoS. In this study, we tackle the problem and secure the Mavlink communication protocol. By leveraging the Mavlink packet’s vulnerabilities, this research work introduces an experiment in which, first, the Mavlink packets are compromised in terms of security requirements based on our threat model. The results show that the protocol is insecure and the attacks carried out are successful. To overcome Mavlink security, an additional security layer is added to encrypt and secure the protocol. An encryption technique is proposed that makes the communication between the UAV and GCS secure. The results show that the Mavlink packets are encrypted using our technique without affecting the performance and efficiency. The results are validated in terms of transfer speed, performance, and efficiency compared to the literature solutions such as MAVSec and benchmarked with the original Mavlink protocol. Our achieved results have significant improvement over the literature and Mavlink in terms of security.     

Survey and Analysis of VoIP Frame Aggregation Methods over A-MSDU IEEE 802.11n Wireless Networks

The IEEE 802.11n standard has provided prominent features that greatly contribute to ubiquitous wireless networks. Over the last ten years, voice over IP (VoIP) has become widespread around the globe owing to its low-cost or even free call rate. The combination of these technologies (VoIP and wireless) has become desirable and inevitable for organizations. However, VoIP faces a bandwidth utilization issue when working with 802.11 wireless networks. The bandwidth utilization is inefficient on the grounds that (i) 80 bytes of 802.11/RTP/UDP/IP header is appended to 10–730 bytes of VoIP payload and (ii) 765 µs waiting intervals follow each 802.11 VoIP frame. Without considering the quality requirements of a VoIP call, be including frame aggregation in the IEEE 802.11n standard has been suggested as a solution for the bandwidth utilization issue. Consequently, several aggregation methods have been proposed to handle the quality requirements of VoIP calls when carried over an IEEE 802.11n wireless network. In this survey, we analyze the existing aggregation methods of VoIP over the A-MSDU IEEE 802.11n wireless standard. The survey provides researchers with a detailed analysis of the bandwidth utilization issue concerning the A-MSDU 802.11n standard, discussion of the main approaches of frame aggregation methods and existing aggregation methods, elaboration of the impact of frame aggregation methods on network performance and VoIP call quality, and suggestion of new areas to be investigated in conjunction with frame aggregation. The survey contributes by offering guidelines to design an appropriate, reliable, and robust aggregation method of VoIP over 802.11n standard.     

A Blockchain-Based Authentication Protocol for WLAN Mesh Security Access

In order to deploy a secure WLAN mesh network, authentication of both users and APs is needed, and a secure authentication mechanism should be employed. However, some additional configurations of trusted third party agencies are still needed on-site to deploy a secure authentication system. This paper proposes a new block chain-based authentication protocol for WLAN mesh security access, to reduce the deployment costs and resolve the issues of requiring key delivery and central server during IEEE 802.11X authentication. This method takes the user’s authentication request as a transaction, considers all the authentication records in the mesh network as the public ledger and realizes the effective monitoring of the malicious attack. Finally, this paper analyzes the security of the protocol in detail, and proves that the new method can solve the dependence of the authentication node on PKI and CA.     

MAC-layer channel utilisation enhancements for wireless mesh networks

The authors focus on a wireless mesh network, that is, an ad hoc IEEE 802.11-based network whose nodes are either user devices or Access Points providing access to the mesh network or to the Internet. By relying on some work done within the IEEE 802.11s TG, the network nodes can use one control channel and one or more data channels, each on separate frequencies. Then, some problems related to channel access are identified and a MAC scheme is proposed that specifically addresses the problem of hidden terminals and the problem of coexisting control and data traffic on different frequency channels. An analytical model of the MAC scheme is presented and validated by using the Omnet++ simulator. Through the developed model, we show that our solution achieves very good performance both in regular and in very fragmented mesh topologies, and it significantly outperforms the standard 802.11 solution.     

Improved power-saving medium-access protocol for IEEE 802.11e QoS-enabled wireless networks

The performance of a new pointer-based medium-access control protocol that was designed to significantly improve the energy efficiency of user terminals in quality-of-service-enabled wireless local area networks was analysed. The new protocol, pointer- controlled slot allocation and resynchronisation protocol (PCSARe), is based on the hybrid coordination function-controlled channel access mode of the IEEE 802.11e standard. PCSARe reduces energy consumption by removing the need for power-saving stations to remain awake for channel listening. Discrete event network simulations were performed to compare the performance of PCSARe with the non-automatic power save delivery (APSD) and scheduled-APSD power- saving modes of IEEE 802.11e. The simulation results show a demonstrable improvement in energy efficiency without significant reduction in performance when using PCSARe. For a wireless network consisting of an access point and eight stations in power-saving mode, the energy saving was up to 39% when using PCSARe instead of IEEE 802.11e non-APSD. The results also show that PCSARe offers significantly reduced uplink access delay over IEEE 802.11e non-APSD, while modestly improving the uplink throughput. Furthermore, although both had the same energy consumption, PCSARe gave a 25% reduction in downlink access delay compared with IEEE 802.11e S-APSD.     

Enhancing enhanced distributed channel access function based on cross-layer information for multirate wireless networks

IEEE 802.lie provides guaranteed quality of service (QoS) by proving different transmission priorities. IEEE 802. lie improves the media access control layer of IEEE 802.11 to satisfy the different QoS requirements by introducing two new channel access functions: the enhanced distributed channel access (EDCA) and the hybrid coordination function-controlled channel access. The available bandwidth and transmission rate may be easily affected by the signal quality, because the communication channel in a wireless environment operates in a random time-variation manner. Generally, a station using a low transmission rate will occupy the communication channel for a long time and degrade system performance, which causes bandwidth waste and unfairness; thus the guaranteed QoS for stations with higher transmission rates cannot be provided. An enhancing EDCAF (E DCAF) is proposed that consolidates the cross-layer concept and the IEEE 802.1 le EDCAF protocol. After simulation experiments, E DCAF obviously improves performance, especially in throughput and fairness. E DCAF scheduling also allows the different QoS requirements to be processed efficiently and flexibly.