Security level evaluation system for wireless local area network access devices

doi:10.16511/j.cnki.qhdxxb.2020.25.007

Download: PDF(2014 KB)
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract Wireless local area network (WLAN) access devices are critical parts of a network topology that require comprehensive security performance analyses. Security assessment methods for WLAN devices are affected by network environmental factors that limit security performance evaluations of access devices. This paper presents a security level assessment system for WLAN access devices that integrates security function assessments with vulnerability assessments in a device security level assessment that is independent of the application environment security based on a combination of semi-quantitative and quantitative analyses methods. Tests with several mainstream brand devices show that the evaluation system can automatically evaluate the security level of WLAN access devices.

Keywords wireless local area network (WLAN) security level evaluation vulnerability assessment fuzzing test

Issue Date: 26 April 2020

	Service

	E-mail this article
	E-mail Alert
	RSS
	Articles by authors

	ZHANG Mingyuan
	WU Wei
	SONG Yubo
	HU Aiqun

Cite this article:

ZHANG Mingyuan,WU Wei,SONG Yubo, et al. Security level evaluation system for wireless local area network access devices[J]. Journal of Tsinghua University(Science and Technology), 2020, 60(5): 371-379.

URL:

http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2020.25.007 OR http://jst.tsinghuajournals.com/EN/Y2020/V60/I5/371

[1] 刘永磊, 金志刚, 杜磊. 开放接入点的安全可信接入[J]. 计算机工程与应用, 2016, 52(6):99-101, 106.LIU Y L, JIN Z G, DU L. Secure and trusted access for access point (AP) in open system authentication[J]. Computer Engineering and Applications, 2016, 52(6):99-101, 106. (in Chinese)
[2] PRADEEPKUMAR B, TALUKDAR K, CHOUDHURY B, et al. Predicting external rogue access point in IEEE 802.11 b/g WLAN using RF signal strength[C]//2017 International Conference on Advances in Computing, Communications and Informatics. Udupi, India:IEEE, 2017:1981-1986.
[3] 王龙华. 基于OpenWRT的无线网络安全检测系统的设计与实现[D]. 北京:北京邮电大学, 2017.WANG L H. Design and implementation of wireless network security detection system based on OpenWRT[D]. Beijing:Beijing University of Posts and Telecommunications, 2017. (in Chinese)
[4] LI J, YUAN K, ZHOU L, et al. A detection method of WLAN security mechanisms based on MAC frame resolution[J]. Wuhan University Journal of Natural Sciences, 2017, 22(2):93-102.
[5] LIU S D, LIU Y L, JIN Z G. Attack behavioural analysis and secure access for wireless access point (AP) in open system authentication[C]//2017 13th International Wireless Communications and Mobile Computing Conference. Valencia, Spain:IEEE, 2017:741-746.
[6] HUANG H Q, HU Y J, JA Y, et al. A whole-process WiFi security perception software system[C]//2017 International Conference on Circuits, System and Simulation (ICCSS). London, UK:IEEE, 2017:151-156.
[7] MISTRY D M, VERMA S. Evaluation of performance of flooding attack in Ad hoc network[J]. International Journal of Engineering Research & Technology, 2012, 1(4):1-4.
[8] BANDARU S. Investigating the effect of jamming attacks on wireless LANS[J]. International Journal of Computer Applications, 2014, 99(14):5-9.
[9] 刘勇. 针对WLAN攻击的效能评估技术研究[D]. 西安:西安电子科技大学, 2017.LIU Y. A research of effectiveness evaluation for wireless local area networks attack[D]. Xi'an:Xidian University, 2017. (in Chinese)
[10] 王亚超. 基于层次分析的无线网络安全风险评估方法[D]. 天津:中国民航大学, 2015.WANG Y C. Wireless network security risk assessment method based on 4-layer risk analytic hierarchy[D]. Tianjin:Civil Aviation University of China, 2015. (in Chinese)
[11] WANG D, ZHOU M. A framework to test reliability and security of WiFi device[C]//Proceedings of the 15th International Conference on Electronic Packaging Technology. Chengdu, China:IEEE, 2014:953-958.
[12] MENDONCA M. Vulnerability detection in device drivers[D]. Lisbon, Portugal:University of Lisbon, 2017.
[13] VANHOEF M, SCHEPERS D, PIESSENS F. Discovering logical vulnerabilities in the WiFi handshake using model-based testing[C]//Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. New York, USA:ACM, 2017:360-371.
[14] SOEWITO B, HIRZI. Building secure wireless access point based on certificate authentication and firewall captive portal[J]. EPJ Web of Conferences, 2014, 68:29.
[15] 张人上, 李雅韵, 安俊娥. 基于加密机制模式的无线路由器网络安全设计[J]. 火力与指挥控制, 2016, 41(8):169-173.ZHANG R S, LI Y Y, AN J E. Research and design of wireless router network security based on encryption mechanisms[J]. Fire Control & Command Control, 2016, 41(8):169-173. (in Chinese)
[16] 沈祥修, 李永忠. 无线路由器安全性研究与优化[J]. 通信技术, 2018, 51(1):195-199.SHEN X X, LI Y Z. Research and optimization of WiFi router security[J]. Communications Technology, 2018, 51(1):195-199. (in Chinese)
[17] SUTTON M, GREENE A, AMINI P. Fuzzing:Brute force vulnerability discovery[M]. Massachusetts:Addison-Wesley Professional, 2007.
[18] 王强, 孟浩华. 一种融合CVSS的信息安全终端安全评估模型[J]. 计算机与数字工程, 2016, 44(4):675-682.WANG Q, MENG H H. Information security evaluation model with CVSS[J]. Computer & Digital Engineering, 2016, 44(4):675-682. (in Chinese)
[19] CVE-search[EB/OL].[2019-01-23]. https://github.com/cve-search/cve-search.