A Novel Algorithm to detect Replay Attack in WLANs
Rajinder Singh1, Satish Kumar2
1Rajinder Singh*, DCSA, Panjab University SSGRC, Hoshiarpur, Punjab, India.
2Dr. Satish Kumar, DCSA, Panjab University SSGRC, Hoshiarpur, Punjab, India.
Manuscript received on September 22, 2019. | Revised Manuscript received on October 20, 2019. | Manuscript published on October 30, 2019. | PP: 1801-1807 | Volume-9 Issue-1, October 2019 | Retrieval Number: A1437109119/2019©BEIESP | DOI: 10.35940/ijeat.A1437.109119
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Nowadays, security of wireless local area networks (WLANs) is the biggest concern for many organizations. Protecting wireless networks from unauthorized users is a major concern to be addressed. The broadcasting nature of the wireless networks makes it vulnerable to carry different types of attacks. Main wireless threats are man in the middle attack, eavesdropping, evil twin attack and replay attack etc. In this paper Replay Attack threat is highlighted. An attacker can use many different tools available freely on the internet to carry this type of attack. We propose a methodology to detect the Replay attack. In this paper a variant of replay attack called address resolution replay attack is discussed. To carry this attack Ettercap tool is used. In this type of attack, attacker floods the wireless network with ARP traffic. So the performance of the wireless network degrades. To detect ARP request/replay attack our proposed method uses protocol field and nature of frame field. A Replay attack in which all the traffic captured and replayed is also discussed. To detect this type of attack, main parameters which are considered are the number of retransmitted packets, number of duplicate ACK and number of TCP spurious retransmitted packet.
Keywords: MITM, RAP, RSSI, RTT