Improvement and simulation of wireless LAN security authentication protocol based on OPNET
|School||Jiangxi University of Technology|
|Course||Applied Computer Technology|
|Keywords||Wireless LAN 0PNET simulation Network Security IEEE802.1X EAP-TLS|
Wireless local area network (WLAN) is a product of the combination of the computer network and wireless communication technology, it uses a radio channel to access the network, provides a potential means for communicating mobile, personalization and multimedia applications, and broadband wireless access One of the effective way. However, due to the wireless transmission medium to provide open access features within a certain range, WLAN security has become a very serious problem, if you can not solve these security issues, further development and promotion of wireless local area network is bound to be extremely limit. This thesis IEEE802.11WLAN architecture, service and protocol architecture do some detailed study and the framework of the basic structure of the BSS performance simulation, wireless LAN security mechanisms and the security problem, of the most common attacks denial-of-service attack analysis and simulation, summarizes the characteristics of denial of service attacks, and denial of service attacks on security issues for wireless LAN solutions, and laid the foundation for the improvement of the security mechanisms; Then scalable IEEE802.1X agreement Authentication Protocol EAP protocols do meticulous research, and pointed out the lack of the authentication protocol; then discuss the authentication layer in the hierarchy of WLAN security authentication method EAP-TLS authentication server RADIUS protocol, EAP-TLS authentication client STA and RADIUS authentication server-based mutual authentication and key pre-issued digital certificates used in the certification process, but not sufficiently validated chosen AP, which would bring some security risks, EAP-TLS authentication messages sent by the AP to the client STA \The papers for the above problems from three aspects of the EAP-TLS improvements: (1) all sent messages in the AP and client STA ciphertext transmission; (2) of the AP end all client STA mutual authentication; (3) increasing the number of state confirmed to avoid denial of service attacks. Finally, improved authentication methods analog simulation and existing IEEE802.1X/EAP-TLS of certification compare, intuitive program improved the advantage on defense wireless DOS attacks.