Center for Studies in Privacy & Security
(CSPS)

High Performance & Grid Computing Research Group

School of Computer Science
University of Windsor






Members:

Dr. Akshai Aggarwal

Dr. Robert Kent


Ph. D. Scholars:
Shushan Zhao, Amar Patel


Master's Student:
Aqila Dissanakyake, Debashis Roy, Du Peng, Mondal M


Alumni:
Arshad Shaikh, Jun Wei, Gasn Xinyu, Wang Xiaoguang, Du Zhiying, Aniruddha
Bharadawaj, Lu Xin, Sheng Bai

Marmagna Desai, Varasprasad Reddy, Hailun Yan, Farhan Mirza



Studies in Simulation of Wireless Attacks

Privacy Issues




S/no. Title Assignment/Project Files Reference Papers Names Date of Presentation
1 Simulating Eavesdropping Attack over Wireless Network Eavesdropping attack, over Wi-Fi


Presentation


Simulating Eavesdropping Attack over Wireless Network


Project Files
  1. M. Domenico, A. Calandriello, G. Calandriello and A. Lioy. Dependability in Wireless Networks: Can We Rely on WiFi?. IEEE Security and Privacy, 5(1):23-29, 2007
  2. http://www.tscmvideo.com/eavesdropping/eavesdropping-device.html
  3. LucidLink, the network security products company, WiFiTheft.com, wifi.weblogsinc.com, WarDriving.com, Wigle.net, www.intelligentedu.com
  4. Wikipedia encyclopedia.
  5. http://www.sciam.com/article.cfm
  6. Eavesdropping on Wi-Fi, chapter 6 page 122
Fadi Farhat 8 Nov
2 Denial of Service (DoS) attack with UDP Flood in wire network Denial of Service (DoS) attack with UDP Flood in wire network


Denial of Service (DoS) attack with UDP Flood
  1. Distributed Denial of Service Attacks
    Felix Lau,Stuart H. Rubin,Michael H. Smith,Ljiljana Trajkovic,Simon Fraser University of Burnaby, BC, Canada
  2. Measuring Denial Of Service
    Jelena Mirkovic,Peter Reiher,Alefiya Hussain,Sonia Fahmy,Stephen Schwab,Roshan Thomas,Calvin Ko University of Delaware
  3. Distributed Denial of Service: Taxonomies of Attacks, Tools and Countermeasures
    Stephen M. Specht,Ruby B. Lee Princeton University
Valon Sejdini , Hasan Chowdhury, Xiaoming Li 13 Nov
3 TCP SYN Flood DoS Attack Experiments in Wireless Network TCP SYN Flood DoS Attack Experiments in Wireless Network


Presentation


TCP SYN Flood DoS Attack Experiments in Wireless Network


Project Files

  1. Carnegie Mellon University's Computer Emergency Response Team
    http://www.cert.org/

  2. ftp://info.cert.org/pub/cert_advisories/CA96.26.ping

  3. ftp://info.cert.org/pub/cert_advisories/CA96.21.tcp_syn_flooding

  4. SYN Flood DoS Attack Experiments
    http://www.niksula.hut.fi/~dforsber/synflood/result.html

  5. TCP Header Format
    http://www.scit.wlv.ac.uk/rfc/rfc7xx/RFC7932.gif

  6. Transmission Control Protocol Specification
    http://www.nic.funet.fi/pub/doc/rfc/rfc793.txt

  7. Wireshark User's Guide
    http://www.wireshark.org/docs/

  8. http://www.winpcap.org

  9. http://wiki.wireshark.org/CaptureSetup

  10. TCP SYN Flooding Attacks and Remedies
    http://www.networkcomputing.com/unixworld/security/004/004.txt.html
  11. http://en.wikipedia.org/wiki/Nmap
Ashif Adnan, Aktar-uz-zaman, Alam Mohammad 13 Nov
4 Attacking and Detection: DoS in Wireless Network by Injecting Disassociation Frames through Data Link Layer Disassociation Attack: DoS Attack in 802.11 Wireless Network


Presentation


Attacking and Detection: DoS in Wireless Network by Injecting Disassociation Frames through Data Link Layer

  1. “Host AP driver for Intersil Prism2/2.5/3” [Online] Available:
    http://hostap.epitest.fi

  2. S. Anderson “A Linux Wireless Access Point HOWTO” chapter 4, v0.1, 2003, June 6, [Online] Available: http://oob.freeshell.org/nzwireless/hostap.html

  3. Source Location for downloading Hostap-0.0.4 driver, [Online], Available: http://hostap.epitest.fi/releases/

  4. Source Location for downloading libwlan-0.1, [Online] Available:
    http://wirelessexposed.blogspot.com/2007/03/hakcing-tools-at-your-disposal.html

  5. Pablo Brenner “A Technical Tutorial on the IEEE 802.11 Protocol” 1996. Breeze.com

  6. Allison H. Scogin “Disabling a Wireless Network via Denial of Service” Technical Report MSU-070424

  7. http://www.intel.com/support/wireless/wlan/sb/CS-025325.htm
 		Yufei Xu, Xin Wu and Da Teng 13 Nov
5 System Penetration with Metasploit Framework System Penetration with Metasploit Framework and nmap


Presentation


System Penetration with Metasploit Framework

  1. Peltier, J. “Metasploit Tuorial – A New Day for System Exploits”. The Ethical Hacker Network. URL:
    http://www.ethicalhacker.net/content/view/29/24/

  2. Saita, Anne. ”Windows image flaw now 'extremely critical'. Information Security Magazine. Dec 29, 2005.URL: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1154914,00.html

  3. “Computer Security”.Wikepedia: The Free Encyclopedia. URL: http://en.wikipedia.org/wiki/Computer_security

  4. “Software Bug”. Wikepedia: The Free Encyclopedia. URL:
    http://en.wikipedia.org/wiki/Computer_bug

  5. “Microsoft Security Bulletin MS06-001”. Microsoft Tech Net. URL:
    http://www.microsoft.com/technet/security/bulletin/MS06-001.mspx

  6. “Exploit (computer security)”.Wikepedia: The Free Encyclopedia. URL:
    http://en.wikipedia.org/wiki/Exploit_(computer_security)
Robert Bobek 15 Nov
6 Fragmentation Attack on a Wireless Network Fragmentation Attack on a Wireless Network


Fragmentation Attack on a Wireless Network

  1. Jason Anderson, An Analysis of Fragmentation Attacks,
    http://www.ouah.org/fragma.htmlMarch 15, 2001 (as of Nov 04, 07)

  2. Spoonfork, Understanding IP Fragmentation,
    http://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=4005;October 16, 2001 (as of Nov 04, 07)

  3. Thomas Lopatic, NT Fragmentation Attack,
    http://insecure.org/sploits/NT.no_first_fragment.IP_frag.attack.html;10 July 1997 (as of Nov 04, 07)

  4. William K. Hollis,
    http://digital.net/~gandalf/Rose_Frag_Attack_Explained.htm(as of Nov 04, 07)

  5. http://nemesis.sourceforge.net/#unix (as of Nov 04, 07)

  6. http://www.wireshark.org (as of Nov 04, 07)

  7. http://www.snort.org (as of Nov 04, 07)

  8. http://www.winpacp.org (as of Nov 04, 07)

  9. MS00-029: Windows Hangs with Fragmented IP Datagrams,
    http://support.microsoft.com/default.aspx?scid=kb;en-us;259728&sd=tech,Article ID: 259728, Revision: 8.3, May 12, 2007 (as of Nov 04, 07)

  10. G. Ziemba Alantec D. Reed Cybersource P. Traina cisco Systems, Category: Informational
    http://community.roxen.com/developers/idocs/rfc/rfc1858.html;October 1995 (as of Nov 04, 07)

  11. Mogul, J., "Simple and Flexible Datagram Access Controls for Unix-based Gateways", Digital Equipment Corporation, March 1989.

  12. http://www.packetfactory.net/projects/nemesis/
 		Amar B. Patel, Mohammed Fadel Mokbel, Shushan Zhao 15 Nov
7 Denial of Service (DoS) attack with UDP Flood in wire network Xmas Tree Scan Wireless Jamming (DoS) attack


Presentation


Xmas Scan Detection with Snort Using CommView and Nmap


Project Files

Kumar, Sanjeev., Smurf-based Distributed Denial of Service (DDoS) attack
amplification in Internet, Internet Monitoring and Protection, 2007. ICIMP 2007.
Second International Conference on 1-5 July 2007 P.25 25, 2007.

Mirkovic, Jelena., Reiher, Peter., A taxonomy of DDoS attack and DDoS defense
mechanisms, ACM SIGCOMM Computer Communication Review, Volume 34 Issue

Aqila Dissanayake, Olalekan Kadri 15 Nov
8 ARP Spoofing and Man in the Middle attack using Ettercap ARP Spoofing and Man in the Middle attack using Ettercap


ARP Spoofing and Man in the Middle attack using Ettercap

  1. ARP spoofing,
    http://www.webopedia.com/TER/ A/ARP_spoofing.html

  2. ARP spoofing, http://en.wikipedia.org/wiki/ARP_spoofing

  3. Wireless Man in the Middle Attack Part I,
    http://blogs.ittoolbox.com/wireless/networks/archives/wireless-man-in-the-middle-attack-part-i-7422

  4. Wireless Access Point and ARP Poisoning,
    http://www.packetnexus.com/docs/arppoison.pdf

  5. Xarp 0.1,
    http://www.governmentsecurity.org/ archive/t9274.html

  6. ARPwatch,
    http://www.securityfocus.com/tools/142

  7. Nmap,
    http://en.wikipedia.org/wiki/Nmap

  8. An Ettercap Primer,
    https://www2.sans.org/ reading_room/whitepapers/tools/1406.php?portal=9b1a0c905186c3963b683660224c6b0b

  9. ETTERCAP – An Easy Tutorial,
    http://www.openmaniak.com/ettercap.php
Debashish Roy, Rachita Singh, Katayoon Moazzami 20 Nov
9 Man-in-the-Middle attack, peforming both a passive and an active attack (From Survey: 25/11/2007) Project2


Presentation

Bobek, Robert N/A
10 Attack – Smurf (From Survey: 25/11/2007) Report


Presentation

  1. Clayton Bolz, W. Romney, Brandon L. Rogers, from Brigham Young University, Provo, UT. Safely train security engineers regarding the dangers presented by denial of service attacks, Conference On Information Technology Education Proceedings of the 5th conference on Information technology education, 2004

  2. Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao from the Department of Computer Science and Software Engineering, The University of Melbourne, Australia. Survey of network-based defense mechanisms countering the DoS and DDoS problems, ACM Computing Surveys (CSUR), Volume 39, Issue 1 (2007).
 		Dissanayake, Aqila, Olalekan, Habib Kadri N/A
11 Attacking a Wireless Network via De-authentication Attacking a Wireless Network via De-authentication


+ Wireless Attack – DoS

  1. Allison H. Scogin, Disabling a Wireless Network via Denial of Service, Technical Report MSU-070424.

  2. S. Harris, CISSP Certification, 2nd Edition, McGraw-Hill/Osborne, Emeryville, CA, 2003, p. 873.

  3. Basic Digital Forensic Investigation Concepts,
    http://www.digitalevidence.ie

  4. Wireless Access Point and ARP Poisoning,
    http://www.packetnexus.com/docs/arppoison.pdf org/di_basics.html (current Mar 1, 2007).

  5. M. S. Gast, 802.11 Wireless Networks: The Definitive Guide, 2nd Edition, OReilly Media, Inc., Sebastopol, California, 2005.

  6. R. Power, 2000 CSI/FBI Computer Crime and Security Survey, Computer Security Journal, vol. 16, no. 2, 2000, pp. 33-49.

  7. A. S. Tanenbaum, Computer Networks, 4th Edition, Prentice Hall, Upper Saddle River, New Jersey, 2003.

  8. http://salis.iisc.ernet.in/soho/hostap_documentation1.htm, 2007 for hostap installation

  9. http://www.wirelessdefence.org/Contents/Void11Installation.htm, 2007 for void11 installation
 		Dou Wang, JiaYing Shi, Ying Chen 20 Nov
12 Wired TCP SYN Flooding and Snort IDS Wired SYN Flooding as a DoS Attack


Wired TCP SYN Flooding and Snort IDS

Project Files

  1. Clayton Bolz, W. Romney, Brandon L. Rogers, from Brigham Young University, Provo, UT. Safely train security engineers regarding the dangers presented by denial of service attacks, Conference On Information Technology Education Proceedings of the 5th conference on Information technology education, 2004

  2. Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao from the Department of Computer Science and Software Engineering, The University of Melbourne, Australia. Survey of network-based defense mechanisms countering the DoS and DDoS problems, ACM Computing Surveys (CSUR), Volume 39, Issue 1 (2007).
 		Matthew Ruston 20 Nov





Further Attacks



S/no. Title Project Files References Researched by Created on
1 Brute Force Attacks,

Buffer Overflow Attacks,

Other Attacks 		Research File References: from 60-368 course (Network Practicum) Khinan M. Imtiaz,
Sonia Ayub		 15 Aug
4 MAC Spoofing,

802.1X RADIUS Cracking,

Ad Hoc Associations,

Other Attacks		 Research File http://searchsecuritychannel.techtarget.com/tip/0,289483,sid97_gci1231653,00.html

http://manageengine.adventnet.com/products/wifi-manager/wireless-lan-attacks.html

Sonia Ayub,
Khinan M. Imtiaz		 15 Aug





Top