Enterprise WLAN Security Flaws: Current Attacks and relative Mitigations

Conference Paper, August 2018. DOI: 10.1145/3230833.3230836

Mohamed A. Abo-Soliman, Faculty of Communication and Information Technology, Nile University, Cairo, Egypt, moh.soliman@nu.edu.eg
Marianne A. Azer, National Telecommunication Institute, Nile University, Cairo, Egypt, mazer@nu.edu.eg

ABSTRACT
The increasing number of mobiles and handheld devices that allow wireless access to enterprise data and services is considered a major concern for network designers, implementers and analysts. Enhancements of wireless technologies also accelerate the adoption of enterprise wireless networks, which are widely deployed solely or as an extension to existing wired networks. Bring Your Own Device (BYOD) is an example of the new challenging wireless trends. BYOD environments allow the use of personal mobile computing devices like smart phones, tablets, and laptops for business activities. BYOD has become popular in workplaces since it keeps users in their comfort zone, leading to higher productivity and cost reduction for businesses.
Nevertheless, business data and services are consequently subject to several wireless attacks, whether they are hosted on a cloud or on premises, especially when travelling through the open air. Corporations usually apply network-access-control systems for securing enterprise wireless LANs. However, the security systems may be compromised due to detected flaws, exposing the enterprise's critical information to leakage or the entire network to interruption or complete failure. In this paper, we study the impact of wireless attacks on enterprise wireless LANs. The study helps in evaluating the real risks that threaten wireless technologies. In addition, recommended mitigations and practices to overcome the detected vulnerabilities and security flaws are proposed.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. © 2018 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.
ARES 2018, August 27--30 2018, Hamburg, Germany
© 2018 ACM. 978-1-4503-6448-5/18/08...$15.00 https://doi.org/10.1145/3230833.3230836

CCS CONCEPTS
Networks → Network properties → Network security → Mobile and wireless security

KEYWORDS
EAP, Enterprise WLAN attacks, Mobile Security, Network Access Control, WPA2.
ACM Reference format:
Mohamed A. Abo-Soliman and Marianne A. Azer. 2018. Enterprise WLAN Security Flaws: Current Attacks and relative Mitigations. In Proceedings of International Conference on Availability, Reliability and Security (ARES 2018). ACM, New York, NY, USA, 10 pages. https://doi.org/10.1145/3230833.3230836

1 INTRODUCTION
Wireless communication plays a prominent role in people's daily activities. Almost all digital devices adopt at least one wireless technology. Wi-Fi, Bluetooth, ZigBee, NFC and UWB are different short-range communication technologies that help establish connectivity between two or more devices. Among these technologies, the Wi-Fi standard is the earliest and most common technique, not only for personal and home usage but also for organizations and business needs [1]. Wi-Fi is built on the 802.11 standard, which defines physical layer specifications for creating a Local Area Network through the unlicensed spectrum 2.4, 5, and 60 GHz radio frequency ISM band. The standard was released in several consecutive versions, where each version includes amendments and adaptations to solve issues of the previous version and to ensure quality of service and security [2]. However, wireless LAN users are subject to different types of wireless attacks, which are always updated to exploit detected vulnerabilities of wireless communication systems [3]. Most wireless attacks target personal WLANs, which depend on pre-shared key (PSK) cryptography. Some other attacks target enterprise WLANs that depend on digital certificates for device validation. Another type of attack can penetrate both WLAN security modes, personal and enterprise, regardless of the applied cryptographic materials. In this paper, we focus on active and effective attacks that threaten enterprise WLANs protected by WPA2-Enterprise.
WPA2 is still considered the latest and most secure 4-way handshake protocol for wireless security that complies with 802.11i [4]. However, recent attacking techniques compromise the different implementations of the WPA2 security standard. The remainder of this paper is organized as follows: Section 2 introduces enterprise WLAN security. Section 3 introduces the three main categories of wireless attacks. Attacks are profoundly surveyed in Section 4. Experimental work is presented in Section 5. Section 6 discusses the current detected vulnerabilities and proposes recommended mitigations. Conclusion and future work are presented in Section 7.

2 ENTERPRISE WLAN SECURITY
Although corporate users are seeking usability and mobility to achieve their business objectives, the criticality of business data calls for robust protection, especially when travelling through the open air. WPA2/enterprise mode is always implemented for large networks in an 802.1x [5] architecture to ensure optimum network access control. WPA2 typically uses AES [6] for encryption and either CCMP [7] or GCMP [8] for data integrity [9]. Per-session security keys are agreed on and distributed during the 4-way handshake by a Tunnel-Based Extensible Authentication Protocol (EAP) [10], [11]. In this scenario, authentication takes place through a public key environment that ensures identity validation for the communicating devices [12]. Tunnel-based EAP methods are normally a combination of two EAP methods: an outer authentication EAP method that creates a secure tunnel based on Transport Layer Security (TLS) RFC5246 [13], and an inner EAP method that performs user/device authentication. A dedicated server is used to manage authentication and key agreements by exporting the randomly generated cryptographic keys. Transport Layer Security (TLS) [14], Tunneled TLS (TTLS) [15], and Protected Extended Authentication Protocol (PEAP) [16] are the most common examples of EAP.
Transmitted EAP messages between device and access point are encapsulated in EAP over LAN (EAPOL) frames [17], while messages between access point and authentication server are usually encapsulated in RADIUS format [18]. Figure 1 depicts the architecture of WPA2-enterprise WLANs. In WPA2/enterprise, the supplicant refers to the client, the authenticator refers to the network access point, and the authentication server refers to the database server that hosts client access secrets.

Figure 1: Authentication in Enterprise WLANs

3 MAIN CATEGORIES OF WIRELESS ATTACKS
Three main aspects are usually considered for wireless security: authentication, confidentiality and availability [19]. Authentication ensures that only authorized entities can access the network. Confidentiality protects transmitted data from monitoring and decryption. Availability aims to preserve network functionality and stability. Based on these wireless security aspects, wireless attacks may be classified into the following three main categories.

3.1 Authentication attacks
Authentication attacks aim at stealing access credentials to reuse later for accessing the network. Among these attacks are brute force [20] and dictionary attacks [21]. A Single Sign-On (SSO) architecture that enables the same credentials for both network access and intranet services encourages attackers to crack wireless access secrets. This allows the attacker to gain access not only to the layer two Wi-Fi network, but also to all authorized resources of the cracked account.

3.2 Confidentiality attacks
Unlike authentication attacks, exporting authentication values is not an objective of confidentiality attacks. They rather target the confidentiality of data, by intercepting the transmitted data flow between communicating devices.
Confidentiality attacks are real-time stealthy attacks that monitor, decrypt and analyze wirelessly transmitted information without the need to gain network access credentials, such as the evil twin attack [22] and key reinstallation attacks [23].

3.3 Availability attacks
The objective of availability attacks is to stop or interrupt the normal communication of an active wireless client or even the entire network. Examples are Wireless Denial of Service (WDoS), flooding and jamming attacks. The main attack categories are summarized in Figure 2.

Figure 2: Main Categories of Wi-Fi Attacks with examples

4 ENTERPRISE WIRELESS LAN ATTACKS
Wireless attacks are always updated to exploit detected vulnerabilities of wireless communicating systems. The robustness of WPA2 provides a strong shield against several wireless attacks. However, increasing computation and processing power and the continuous efforts of attackers, penetration testers, network evaluators and researchers have led to the emergence of new advanced attacking techniques that may exploit detected vulnerabilities of WPA2 secure networks. In this section, we list the effective attacks that threaten WPA2 secure networks.

4.1 Brute Force attacks
Based on a large number of generated consecutive guesses, the cracker's software applies a trial-and-error method to obtain authentication information such as passphrases, access credentials or a personal identification number (PIN). This attack is applied offline on a captured handshake, or online against an actively running network by making several authentication attempts until one attempt succeeds. Brute force is effective with short authentication values because the resources required for a brute-force attack grow exponentially with increasing key size [24].

4.2 Dictionary attacks
In order to crack a wireless network authentication key, PIN, code, password or passphrase, intruders can try to access the target network several successive times with different guessed values until one succeeds. Authentication values are stored in custom dictionary files generated based on business type, devices' default passwords, common human phrases, language and location. Dictionary files are continuously increasing in size and in their probability of success, since they are shared and distributed through the internet. Dictionary attacks are launched through two different mechanisms: passive/offline dictionary attacks and active dictionary attacks.

4.2.1 Passive Dictionary Attack. Passive (offline) dictionary attacks are amongst the most common attacks against wireless communication [25]. The broadcast nature of wireless communication allows malicious intruders to collect WLAN authentication information such as EAPOL messages in WPA2 WLANs. Authentication codes are later retrieved by running an offline dictionary attack on the captured packets. The authentication codes in WPA2-enterprise are always username and password.

4.2.2 Active Dictionary Attack. In an active dictionary attack, the network access trials target a running in-production access point, directly requesting to join the network. If the access point responds with successful authentication for one attempt, then the guessed authentication value is correct. Parallel active dictionary attacks [21] can crack a WPA-PSK protected network 100 times faster than the traditional one-client attack. Based on a Virtual Wireless Client (VWC), the attackers use multiple virtual clients with spoofed MAC addresses to accelerate penetration time. In WPA2/enterprise, the device/user identity must be exported first by monitoring authentication messages. The exported identity is then concatenated with the proposed password trial, as shown in Figure 3.

Figure 3: Dictionary attack for enterprise wireless network

4.3 The Evil Twin Attack
The evil twin attack [22], [26] is launched by a rogue access point and an authentication server that are planted in the covered vicinity of a victim. Based on roaming client misconfiguration or user misbehavior that accepts an invalid server certificate, the evil twin attack allows any corporate device to access a fake network with an SSID similar to the legitimate enterprise SSID. This enables the attackers to monitor transmitted data in addition to stealing access credentials.

4.4 Key Reinstallation Attacks
Key reinstallation attacks [23] target all WPA/WPA2 protected WLANs by exploiting a WPA/WPA2 state machine vulnerability. Key reinstallation attacks enforce the reuse of an already-in-use key in a communicating session by resetting key parameters such as the nonce and replay counter. There are three main types of key reinstallation attacks.

4.4.1 Four-Way Handshake Key-Reinstallation Attack. Mutual authentication takes place in all WPA2 secure networks based on a shared secret called the Pairwise Master Key (PMK), which is used to generate session keys called the Pairwise Transient Key (PTK). PMK is produced based on two random numbers called SNonce and ANonce. SNonce is generated at the Access Point while ANonce is generated at the client. Practically, attackers may capture and replay the third of the four handshake messages, which includes the session PTK. This enforces resetting the incremental nonce and replay counter, allowing the attackers to decrypt transmitted data regardless of the applied EAP method or the confidentiality protocol.

4.4.2 Group Key Handshake Key-Reinstallation Attack. The Group Key Handshake takes place directly after the 4-way handshake. Two EAPOL messages exchange the encrypted group key (GTK), which is used for encrypting multicast transmitted messages.
The main vulnerability behind group key reinstallation is the acceptance of any previously used replay counter at the authenticator. Thus, if the attacker blocks and captures the second message of the group key handshake and replays it later, the authenticator will practically install the dated GTK, because the authenticator matches the replay counter with any used replay counter in the group key handshake. Figure 4 depicts the group key reinstallation attack.

Figure 4: Group Key Reinstallation Attack

4.4.3 Fast Transition Handshake Key-Reinstallation Attack. Although the 802.11r amendment was developed mainly to protect 802.11 networks against key reinstallation, a recent attack [23] is performed on Wi-Fi networks using WPA2 personal mode. The fast transition handshake is vulnerable to key reinstallation in most Wi-Fi networks protected by WPA2 enterprise mode, because the 802.1x handshake is not required for roaming devices after a new fast transition handshake. The re-association frames are based on the previously derived session master key.

4.5 De-authentication Attacks
Unfortunately, initial MAC layer frames can easily be sniffed during the legacy authentication and association phases, because keying material is not available before the cryptographic keys are exchanged. In addition, it is not possible to cipher the probing, beacon and legacy 802.11 authentication/association frames without a long-term shared key. Therefore, an attacker can send continuous de-authentication frames to the client or access point with a spoofed MAC address [27]. De-authentication DoS exploits the 802.11 management frames. These frames do not require any encryption, even when the session is established with the confidentiality protocol. The attacker only needs to know the victim's MAC address, which can easily be retrieved by network monitoring.

5 EXPERIMENTAL WORK
The main objective of our experiment is to evaluate the resistance of WPA2/enterprise authentication methods using tunnel-based EAP. This is done through two main testing methods. The first is performed in a dedicated test lab, while the second is applied by launching live attacks on different client devices that are members of corporate networks.

5.1 Test Lab Evaluation
The test lab is a prototype implementation of a complete enterprise network. Based on the 802.1x architecture, we installed FreeRadius [28] as an authentication server, and the access point was configured as a pass-through authenticator in WPA2 corporate mode. Various client types, in terms of model and operating system, were configured as network mobile nodes. The attacking device was based on Kali Linux with the dependencies required to run the attacking scripts. All the attacking scripts are developed using Python. Wireshark [29] was also used for packet capture and header analysis. The lab architecture is shown in Figure 5.

Figure 5: Lab architecture

5.1.1 Lab Testbed. Table 1 shows the technical specifications of the devices and systems that were used for lab evaluation.

Table 1: Testbed Lab Components
Component | Software | Hardware
Authentication Server | OS: Centos 7; App: Freeradius | Intel Core i5 2.5 GHz, 4 GB RAM
Access point | | TP-Link wireless N Router
Client 1 | Android | Quad-core 1.4 GHz, 2 GB RAM
Client 2 | Windows 10, 64bit | Intel Core 2 Duo 3 GHz, 4 GB RAM
Client 3 | Linux Centos 7 | Intel Core 2 Duo 3 GHz, 4 GB RAM

5.1.2 Lab Evaluation Methodology. In the test lab evaluation, we launched different attacks against each configured security protocol in turn. Each attack is performed several times on the same protocol. The same attack is launched against the same protocol on a Linux-based system, an Android-based system and an MS Windows-based system to get its success ratio for each authentication method. Three variants of EAP were implemented sequentially. The three methods are EAP-TTLS, EAP-PEAP and EAP-TLS, which are currently applied in most Network-Access-Control (NAC) systems. Other password-based authentication methods are also reviewed in this study, but our lab evaluation focuses mainly on WPA2 using tunneled EAP methods.

5.1.3 Lab Evaluation Results. The results of the applied evaluation tests are presented in Figure 6, which graphically shows the success ratio of active attacks against tunneled EAP methods. Amongst the launched attacks, de-authentication has the highest success rate for all security techniques. Key reinstallation attacks come at the second severity level against all secure methods. Online dictionary and evil twin attacks failed to penetrate EAP-TLS with a valid certificate. EAP-TLS and EAP-PEAP can be compromised by online dictionary and evil twin attacks if client validation is not enforced.

Figure 6: Attacks Success Ratio

5.2 Live Attacks Evaluation
Live experiments were performed on active in-production corporate NAC systems like ARUBA Clear-Pass and PulseSecure to test the effectiveness of the attacks. We followed known ethical considerations before launching the live attacks by obtaining the network owners' permission from the volunteering companies. The target devices were identified by MAC addresses and were all under our control. Table 2 summarizes the overall resistance of the most common WPA2/EAP authentication methods, where the up arrow denotes a resistant protocol while the down arrow denotes a protocol vulnerable to attacks.
These outcomes are based on the results of our live evaluation and test lab, in addition to theoretical reviews of previous academic studies.

Table 2: Common authentication protocols resistance against wireless effective Attacks
Columns: Authentication Protocol; Authentication Attacks (Dictionary, Brute Force); Confidentiality Attacks (Key-Reinstallation, Evil-Twin); Availability Attacks (De-authentication); Resistance (%)
EAP-MD5 0% EAP-PSK 0% 0% 40% EAP-AKA 40% EAP-SPEKE 20% EAP-FAST 40% * * * 20 : 60 % * * * 20 : 60 % 60% EAP-LEAP EAP-SIM EAP-TTLS EAP-PEAP EAP-TLS Password EAP Tunnel EAP
* EAP-TTLS & EAP-PEAP can resist Dictionary and Evil Twin attacks when client validation is applied. Thus, the resistance ratio may reach 60%.

6 DETECTED VULNERABILITIES AND PROPOSED MITIGATIONS
Wireless security analysts endeavor to detect new security flaws and vulnerabilities that could be exploited by attackers. In this section, we highlight the newly discovered vulnerabilities that allow penetrating wireless networks. This may help in patching and remediating wireless access control systems. The study involves a test lab in addition to theoretical research.

6.1 Detected Vulnerabilities
The success of attacks is a result of bad implementation or native issues in the applied security protocols. Weak passwords and the use of invalid or weak certificates are common examples of bad implementations. Native security issues are the detected weaknesses or vulnerabilities of a wireless protocol that are exploited by attackers. This section discusses the latest vulnerabilities for each attack category.

6.1.1 Authentication Attacks Vulnerabilities. Three vulnerabilities have been detected that allow authentication penetration of enterprise WPA2. The first is device/user identity detection, due to a known vulnerability of sending the identity intentionally in clear text within the tunnel.
Obtaining the username is a mandatory step before dictionary password trials start. The second vulnerability is that WPA2-enterprise does not apply native locking after multiple authentication failures from the same source. It rather depends on the 802.1x architecture, where time intervals are configured at the authenticator to manage session time, idle timeout, etc. These intervals are exchanged between EAP authentication servers and authenticators through EAP methods. However, locking client authentications after a specified number of authentication failures is not practically enforced. The third addressed vulnerability is that the server is validated only by the client for EAP-PEAP and EAP-TLS authentication. This can easily be compromised by accepting any certificate at the attacking devices. EAP-TLS is not susceptible to this attack because it enforces client-side validation. WPA2 enterprise cracking is considered of higher risk than that of personal WPA2 security protocols, because the cracked values are usually domain or enterprise user credentials, which allow the attacker to gain access not only to the layer two Wi-Fi network but also to all authorized resources of the cracked account.

6.1.2 Confidentiality Attacks Vulnerabilities. Confidentiality attack exploitations have two main causes: the first is the lack of knowledge and bad implementations, while the second is the native vulnerabilities of security protocols. Users' misbehavior and devices' misconfiguration in accepting invalid certificates at the client/user side simplify evil twin attacks. Some other WPA2 native vulnerabilities are exploited by key reinstallation attacks regardless of the encryption and integrity protocols used.
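The client-side conditions named above (the real identity sent in clear text in the outer exchange, and a server certificate accepted without validation) can be audited in supplicant profiles. The following Python code is an added example, not code from the paper; it assumes clients configured through wpa_supplicant network blocks, and the SSIDs, names and paths in the sample are constructed.

```python
"""Audit wpa_supplicant 802.1X profiles for client-side validation gaps."""

# Constructed sample: the same PEAP profile, first without and then with the
# settings that validate the server and hide the real identity.
SAMPLE_CONF = """
network={
    ssid="CorpWLAN"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice@corp.example"
    password="example-only"
    phase2="auth=MSCHAPV2"
}
network={
    ssid="CorpWLAN-hardened"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice@corp.example"
    anonymous_identity="anonymous@corp.example"
    password="example-only"
    ca_cert="/etc/pki/corp-radius-ca.pem"
    domain_suffix_match="radius.corp.example"
    phase2="auth=MSCHAPV2"
}
"""

TUNNELED_METHODS = {"PEAP", "TTLS"}
SERVER_NAME_FIELDS = ("domain_suffix_match", "domain_match",
                      "altsubject_match", "subject_match")

FINDINGS = {
    "no-ca-cert": "no ca_cert/ca_path: the server certificate is not verified",
    "no-server-name-check": "no server name constraint: any certificate "
                            "issued by the trusted CA is accepted",
    "outer-identity-exposed": "real user name is sent as the clear-text outer identity",
}


def parse_networks(text):
    """Return one dict of key/value settings per network={...} block."""
    networks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("network={"):
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return networks


def audit_network(net):
    """Return the finding codes that apply to one parsed network block."""
    if not any("EAP" in token for token in net.get("key_mgmt", "").split()):
        return []  # PSK or open profile: outside the scope of this check
    codes = []
    if not (net.get("ca_cert") or net.get("ca_path")):
        codes.append("no-ca-cert")
    if not any(net.get(field) for field in SERVER_NAME_FIELDS):
        codes.append("no-server-name-check")
    if set(net.get("eap", "").upper().split()) & TUNNELED_METHODS:
        real_user = net.get("identity", "").split("@")[0]
        outer_user = net.get("anonymous_identity", "").split("@")[0]
        # Without anonymous_identity the supplicant also uses `identity`
        # for the unencrypted EAP-Response/Identity.
        if "anonymous_identity" not in net or (real_user and outer_user == real_user):
            codes.append("outer-identity-exposed")
    return codes


def audit_profiles(text):
    """Map each SSID in a configuration text to its list of finding codes."""
    return {net.get("ssid", "<no ssid>"): audit_network(net)
            for net in parse_networks(text)}


if __name__ == "__main__":
    for ssid, codes in audit_profiles(SAMPLE_CONF).items():
        print(ssid, "- no findings" if not codes else "")
        for code in codes:
            print("  ", code + ":", FINDINGS[code])
```

A CA without a server name constraint is reported separately because a certificate issued by the same CA to a different host would otherwise still be accepted.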
Key reinstallation attacks target all WPA/WPA2 protected WLANs by exploiting their state machine, enforcing the reuse of an already-in-use key in a communicating session by resetting key parameters such as the nonces in the 4-way handshake and the replay counter in the group-key handshake.

6.1.3 Availability Attacks Vulnerabilities. The transmission of management frames in clear text is considered one of the main vulnerabilities behind many WDoS and other wireless attacks. The acceptance of de-authentication and de-association frames from any transmitting node without device validation allows malicious nodes to disrupt network functionality.

6.2 Proposed Mitigations
Vulnerability detection is the first step in mitigating various security risks. In the following subsections, we propose a list of mitigations for the previously discussed recent effective attacks.

6.2.1 Security Mitigations for Authentication Attacks. Native authentication rejection after a specific number of trials is a mandatory requirement to defend against online active dictionary attacks. This closes the door against malicious intruders. Online parallel dictionary attacks that utilize multiple virtual clients with spoofed MAC addresses may succeed in cracking network access secrets. However, locking techniques decrease the possibility of penetration. A dedicated application, certificate or SIM card must be enforced at the client, in a cellular-style security model for enterprise Wi-Fi networks. Identity hiding must be enforced, because detecting the legitimate username makes it easy for an attacker to apply the dictionary attack.

6.2.2 Security Mitigations for Confidentiality Attacks. New security requirements must be added to the current WPA2 state machine in order to resist key reinstallation attacks.
The first update is to prevent the re-use of nonces during the 4-way handshake. Adequate replay counter handling in the group key handshake is required, by not allowing an acknowledgment with an already used replay counter within the same session. Another update that should be enforced is installing the GTK only after receiving acknowledgment from all supplicants.

6.2.3 Security Mitigations for Availability Attacks. Amongst the open challenges for WDoS attacks is a valid defense against de-authentication attacks. Dedicated IDSs may be used in promiscuous mode to detect fake de-authentication based on transmission parameters, by monitoring all traffic in the secure area. The main concern is to provide native protocol security. Legacy 802.11 authentication should undergo an adequate update. Authenticating the de-authentication frames is an adequate solution. This can be applied by sending encrypted de-authentication frames within the established tunnel, in addition to the clear-text frames, for active communicating clients. Communicating peers should not accept de-authentication frames from unauthenticated clients. This will help in detecting inappropriate de-authentication frames from a rogue sender. Table 3 summarizes corporate networks' effective attacks and their adequate proposed mitigations.

Table 3: WLAN Effective Attacks and Proposed Mitigations

6.2.4 General Security Considerations. Countermeasures should be considered to maintain corporate wireless LAN security and to ensure continuous protection for transmitted data and provided services. Among these countermeasures are the use of strong encryption and valid certificates for enterprise services that pass through the 802.11 wireless medium. Periodic inductions and awareness sessions should be conducted for all users and administrators who deal with mobile devices and sensors.
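The two group-key rules proposed in Section 6.2.2 (reject an acknowledgment whose replay counter is not the outstanding one, and install the GTK only after every supplicant has acknowledged) can be compared with the permissive behaviour described in Section 4.4.2. This Python model is an added example, not the authors' code or any 802.11 implementation; the class, the station names and the per-station counters are assumptions made for illustration.

```python
"""Authenticator-side model of group key handshake acknowledgment handling."""
from collections import defaultdict


class GroupKeyAuthenticator:
    """Tracks Group Message 1/2 replay counters for one GTK rekey round.

    strict=False models the behaviour described in Section 4.4.2: a Group
    Message 2 is accepted if its replay counter was ever used with that
    station, and the GTK is installed on the first accepted acknowledgment.
    strict=True models the two rules proposed in Section 6.2.2.
    """

    def __init__(self, supplicants, strict):
        self.supplicants = set(supplicants)
        self.strict = strict
        self.next_counter = defaultdict(int)  # per-station replay counter
        self.used = defaultdict(set)          # every counter sent to a station
        self.outstanding = {}                 # counter of the latest unanswered Message 1
        self.acked = set()
        self.gtk_installed = False

    def send_group_msg1(self, sta):
        """Send or retransmit Group Message 1; each transmission gets a new counter."""
        self.next_counter[sta] += 1
        counter = self.next_counter[sta]
        self.used[sta].add(counter)
        self.outstanding[sta] = counter
        return counter

    def on_group_msg2(self, sta, counter):
        """Process an acknowledgment and return True if it is accepted."""
        if self.strict:
            accepted = self.outstanding.get(sta) == counter
        else:
            accepted = counter in self.used[sta]
        if not accepted:
            return False
        self.outstanding.pop(sta, None)  # in strict mode a counter acknowledges once
        self.acked.add(sta)
        if self.strict:
            self.gtk_installed = self.acked >= self.supplicants
        else:
            self.gtk_installed = True
        return True


def run_scenario(strict):
    """Replay one constructed message sequence; return (event, accepted, gtk_installed)."""
    auth = GroupKeyAuthenticator({"sta-A", "sta-B"}, strict=strict)
    stale_a = auth.send_group_msg1("sta-A")   # the reply to this one is held back
    fresh_b = auth.send_group_msg1("sta-B")
    fresh_a = auth.send_group_msg1("sta-A")   # retransmission after the timeout
    events = [
        ("held-back ack from sta-A", "sta-A", stale_a),
        ("current ack from sta-A", "sta-A", fresh_a),
        ("repeated ack from sta-A", "sta-A", fresh_a),
        ("current ack from sta-B", "sta-B", fresh_b),
    ]
    trace = []
    for label, sta, counter in events:
        accepted = auth.on_group_msg2(sta, counter)
        trace.append((label, accepted, auth.gtk_installed))
    return trace


if __name__ == "__main__":
    for strict in (False, True):
        print("strict rules" if strict else "permissive rules")
        for label, accepted, installed in run_scenario(strict):
            print(f"  {label:26} accepted={accepted!s:5} gtk_installed={installed}")
```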
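One way a dedicated IDS can judge de-authentication frames by transmission parameters, as Section 6.2.3 suggests, is to compare each frame with the recent sequence numbers and signal strength of the transmitter it claims to come from. This Python detector is an added example, not the authors' tooling; the thresholds, the frame-record fields and the sample capture are constructed assumptions, and it assumes one sequence counter per transmitter.

```python
"""Flag de-authentication frames that do not fit the claimed transmitter's baseline."""
from collections import defaultdict, deque
from statistics import median

SEQ_MODULO = 4096        # 802.11 sequence numbers are 12 bits wide
SEQ_WINDOW = 64          # assumed maximum forward jump for a genuine frame
RSSI_TOLERANCE_DB = 12   # assumed maximum deviation from the median RSSI
FLOOD_COUNT = 5          # assumed: this many deauth frames ...
FLOOD_WINDOW_S = 1.0     # ... within this many seconds is a flood


class DeauthMonitor:
    def __init__(self):
        self.last_seq = {}                                   # transmitter -> last trusted seq
        self.rssi = defaultdict(lambda: deque(maxlen=20))    # transmitter -> recent RSSI
        self.deauth_times = defaultdict(deque)               # transmitter -> deauth timestamps

    def _learn(self, frame):
        self.last_seq[frame["ta"]] = frame["seq"]
        self.rssi[frame["ta"]].append(frame["rssi"])

    def observe(self, frame):
        """Return the list of reasons a frame is suspicious (empty if none)."""
        ta = frame["ta"]
        if frame["type"] != "deauth":
            self._learn(frame)
            return []
        reasons = []
        if ta in self.last_seq:
            gap = (frame["seq"] - self.last_seq[ta]) % SEQ_MODULO
            if gap == 0 or gap > SEQ_WINDOW:
                reasons.append("seq-gap")
            if abs(frame["rssi"] - median(self.rssi[ta])) > RSSI_TOLERANCE_DB:
                reasons.append("rssi-shift")
        times = self.deauth_times[ta]
        times.append(frame["t"])
        while frame["t"] - times[0] > FLOOD_WINDOW_S:
            times.popleft()
        if len(times) >= FLOOD_COUNT:
            reasons.append("flood")
        if not reasons:
            self._learn(frame)   # only unflagged frames update the baseline
        return reasons


def scan(frames):
    """Run the monitor over frame records; return (time, transmitter, reasons) alerts."""
    monitor = DeauthMonitor()
    alerts = []
    for frame in frames:
        reasons = monitor.observe(frame)
        if reasons:
            alerts.append((frame["t"], frame["ta"], reasons))
    return alerts


# Constructed capture: locally administered addresses, invented values.
AP, STA = "02:00:00:00:00:01", "02:00:00:00:00:02"
FRAMES = (
    # Normal traffic from the access point establishes its baseline.
    [{"t": 1.0 + 0.1 * i, "type": "data", "ta": AP, "seq": 100 + i, "rssi": r}
     for i, r in enumerate([-50, -49, -51, -50, -52])]
    # A station sends data, then a genuine deauth across the sequence wrap-around.
    + [{"t": 2.0, "type": "data", "ta": STA, "seq": 4094, "rssi": -60},
       {"t": 2.1, "type": "data", "ta": STA, "seq": 4095, "rssi": -61},
       {"t": 2.2, "type": "deauth", "ta": STA, "seq": 1, "rssi": -60}]
    # Deauth frames that claim the AP's address but match neither its
    # sequence numbers nor its signal strength.
    + [{"t": 5.0 + 0.05 * i, "type": "deauth", "ta": AP, "seq": 3000 + i, "rssi": -75}
       for i in range(5)]
)

if __name__ == "__main__":
    for t, ta, reasons in scan(FRAMES):
        print(f"{t:5.2f}s deauth claiming {ta}: {', '.join(reasons)}")
```

On QoS links, where sequence numbers are kept per traffic identifier, the baseline would need one counter per transmitter and identifier rather than the single counter assumed here.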
In addition, regular wireless security audits should be implemented by applying penetration tests on the authentication handshakes to detect other vulnerabilities of WLAN security techniques. These practices help in mitigating newly discovered vulnerabilities. Figure 7 depicts the recommended general security considerations.

Figure 7: Enterprise WLAN Security Consideration

7 CONCLUSION AND FUTURE WORK
In this paper, we have performed theoretical and practical studies on enterprise WLAN security. A profound analysis was presented of the resistance of applied security countermeasures against recent effective wireless attacks. The study involved a test lab, live practices and academic reviews to evaluate the impact of current wireless attacks on common enterprise security methods. The study confirmed real risks of recent attacks on all WPA2 authentication methods. In addition, new vulnerabilities that allow penetration of enterprise wireless networks were detected and practically evaluated. Recommended mitigations and amendments to resolve the detected issues were proposed. This encourages the communication community to work towards a new protection standard that natively protects sensitive data transmission. For the future, we plan to develop a new version of the WLAN secure protocol stack for protecting the next generation of wireless communication. It should include the surveyed modifications and amendments that resist recent attacking techniques. This will help in avoiding potential risks that threaten wireless authentication, confidentiality, and availability.

REFERENCES
[1] K. Sharma and B. Gupta, "Attack in Smartphone Wi-Fi Access Channel: State of the Art, Current Issues, and Challenges," in Next-Generation Networks: Springer, 2018, pp. 555-561.
[2] B. Bellalta, L. Bononi, R. Bruno, and A. Kassler, "Next generation IEEE 802.11 Wireless Local Area Networks: Current status, future directions and open challenges," Computer Communications, vol. 75, pp. 1-25, 2016.
[3] A. Kavianpour and M. C. Anderson, "An Overview of Wireless Network Security," in Cyber Security and Cloud Computing (CSCloud), 2017 IEEE 4th International Conference on, 2017, pp. 306-309: IEEE.
[4] S. Alblwi and K. Shujaee, "A Survey on Wireless Security Protocol WPA2," in Int. Conf. security and management, 2017, pp. 12-17.
[5] I. S. Association, "802.1 x-2010," ed: Žiūrėta, 2014.
[6] F. P. Miller, A. F. Vandome, and J. McBrewster, "Advanced encryption standard," 2009.
[7] M. H. Jakubowski and R. Venkatesan, "Cryptographic technique that provides fast encryption and decryption and assures integrity of a ciphertext message through use of a message authentication code formed through cipher block chaining of the plaintext message," ed: Google Patents, 2001.
[8] D. McGrew, "Galois counter mode," in Encyclopedia of Cryptography and Security: Springer, 2011, pp. 506-508.
[9] H. I. Bulbul, I. Batmaz, and M. Ozel, "Wireless network security: comparison of wep (wired equivalent privacy) mechanism, wpa (wi-fi protected access) and rsn (robust security network) security protocols," in Proceedings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop, 2008, p. 9: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).
[10] S. Hanna, K. Hoeper, H. Zhou, and J. Salowey, "Requirements for a Tunnel-Based Extensible Authentication Protocol (EAP) Method," 2012.
[11] N. Cam-Winget, S. Hanna, H. Zhou, and J. Salowey, "Tunnel Extensible Authentication Protocol (TEAP) Version 1," 2014.
[12] S. S. Rezaie, S. A. Hoseini, and H. Taheri, "Implementation of Extensible Authentication Protocol in OPNET Modeller."
[13] T. Dierks, "The transport layer security (TLS) protocol version 1.2," 2008.
[14] D. Simon, B. Aboba, and R. Hurst, "The EAP-TLS authentication protocol," 2070-1721, 2008.
[15] P. Funk and S. Blake-Wilson, "Extensible authentication protocol tunneled transport layer security authenticated protocol version 0 (EAP-TTLSv0)," 2008.
[16] H. Andersson, S. Josefsson, G. Zorn, D. Simon, and A. Palekar, "Protected EAP Protocol (PEAP)," draft-josefsson-pppext-eaptls-eap-05.txt, work-in-progress, 2002.
[17] J.-C. Chen, M.-C. Jiang, and Y.-w. Liu, "Wireless LAN security and IEEE 802.11 i," IEEE Wireless Communications, vol. 12, no. 1, pp. 27-36, 2005.
[18] C. Rigney, S. Willens, A. Rubens, and W. Simpson, "Remote authentication dial in user service (RADIUS)," 2070-1721, 2000.
[19] M. A. Abo-Soliman and M. A. Azer, "A study in WPA2 enterprise recent attacks," in 2017 13th International Computer Engineering Conference (ICENCO), 2017, pp. 323-330.
[20] S. Aked, C. Bolan, and M. Brand, "A Proposed Method for Examining Wireless Device Vulnerability to Brute Force Attacks via WPS External Registrar PIN Authentication Design Vulnerability," in Proceedings of the International Conference on Security and Management (SAM), 2012, p. 1: The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).
[21] O. Nakhila, A. Attiah, Y. Jinz, and C. Zoux, "Parallel active dictionary attack on wpa2-psk wi-fi networks," in Military Communications Conference, MILCOM 2015-2015 IEEE, 2015, pp. 665-670: IEEE.
[22] A. Bartoli, E. Medvet, and F. Onesti, "Evil twins and WPA2 enterprise: A coming security disaster?," Computers & Security, 2018.
[23] M. Vanhoef and F. Piessens, "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2," ed. Conference on Computer and Communications Security: CCS, 2017.
[24] D. Bongard, "Offline bruteforce attack on wifi protected setup," Presentation at Passwordscon, 2014.
[25] D. Wang and P. Wang, "Offline dictionary attack on password authentication schemes using smart cards," in Information Security: Springer, 2015, pp. 221-237.
[26] P. Sharma, P. K. Kaushal, and P. R. Sharma, "Survey on Evil Twin Attack," International Journal of Scientific Engineering and Research (IJSER), vol. 4, no. 4, pp. 54-58, 2015.
[27] V. Poddar, R. Jaipur, and M. Chopra, "Detection of the de-authentication denial of service attack in 802.11 wireless networks," Int. J. Sci. Eng. Res, vol. 6, no. 10, pp. 150-158, 2015.
[28] A. DeKok, "FreeRADIUS," http://freeradius.org, 2008.
[29] L. Chappell and G. Combs, Wireshark network analysis: the official Wireshark certified network analyst study guide. Protocol Analysis Institute, Chappell University, 2010.