Designing a Secure Network Interface By Thwarting Mac Spoofing Attacks

In recent trends, wireless networks have emerged as one of the choicest forms of data communication. Wireless networks provide an array of benefits like, easy installation, flexibility, mobility, scalability and reduced cost of ownership. In spite of several advantages, there are some serious issues, which pose security risks when confidentiality, integrity and authenticity issues are concerned. In infrastructure wireless networks, providing access only to legitimate users is a challenge to most network administrators. Attackers are equipped with various tools and techniques to break the security and gain illegitimate access to the organization's data and other such secured entities. Some of the wireless networks employ MAC filtering techniques for providing network access to hosts. In order to gain unauthorized access to such networks spoofing- attack with false IP-MAC pair is the first step in most of the LAN based attacks. Address Resolution Protocol (ARP) is the main cause of spoofing attack. Many network and host level mechanisms have been proposed to counter such attacks. However, they have their own sets of drawbacks. In our proposed work, we have configured an open source network security tool for the detection of various attacks or spoofed MAC attack exploited in IEEE 802.11 wireless networks. In this work, we have tried to differentiate between the genuine station and the attacker station by 3-phase authentication method. In our proposed work the algorithms are developed upon three phase i.e. probe request frame, authentication frame and association frame. This scheme has been tested under all possible spoofing cases and yielded favorable results.