A Software-defined Networking-based Detection and Mitigation Approach against KRACK

Yi Li, Marcos Serrano, Tommy Chin, Kaiqi Xiong, Jing Lin

Abstract

Most modern Wi-Fi networks are secured by the Wi-Fi Protected Access II (WPA2) protocol that uses a 4-way handshake. Serious weaknesses have been discovered in this 4-way handshake that allows attackers to perform key reinstallation attacks (KRACKs) within the range of an Access Point (AP) to intercept personal information. In this paper, we study KRACK and present a software-defined networking (SDN)-based detection and mitigation framework to defend against KRACK. The proposed framework leverages the characteristic of an SDN controller, a global view of a network, to monitor and manage a Wi-Fi network traffic. It consists of two main components: detection and mitigation modules. Both of them are deployed on the SDN controller. The detection module will monitor network traffic and detect the duplicated message 3 of the 4-way handshake. Once KRACK has been detected, the mitigation module will update the flow table to redirect the attack traffic to a splash portal, which is a place to store attack traffic. Extensive experimental results demonstrate that the proposed framework can efficiently detect and mitigate KRACK. We achieve an average of 170.926 ms to detect KRACK and an average of 10.041 ms to mitigate KRACK in our experiments.

Download


Paper Citation


in Harvard Style

Li Y., Serrano M., Chin T., Xiong K. and Lin J. (2019). A Software-defined Networking-based Detection and Mitigation Approach against KRACK.In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT, ISBN 978-989-758-378-0, pages 244-251. DOI: 10.5220/0007926202440251


in Bibtex Style

@conference{secrypt19,
author={Yi Li and Marcos Serrano and Tommy Chin and Kaiqi Xiong and Jing Lin},
title={A Software-defined Networking-based Detection and Mitigation Approach against KRACK},
booktitle={Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,},
year={2019},
pages={244-251},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007926202440251},
isbn={978-989-758-378-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,
TI - A Software-defined Networking-based Detection and Mitigation Approach against KRACK
SN - 978-989-758-378-0
AU - Li Y.
AU - Serrano M.
AU - Chin T.
AU - Xiong K.
AU - Lin J.
PY - 2019
SP - 244
EP - 251
DO - 10.5220/0007926202440251