Deployment of Coordinated Multiple Sensors to Detect Stealth Man-in-the-Middle Attack in WLAN

Full Text (PDF, 520KB), PP.44-51

Views: 0 Downloads: 0


Ravinder Saini 1,* Surinder S. Khurana 1

1. Central University of Punjab, Bathinda, India

* Corresponding author.


Received: 3 Aug. 2015 / Revised: 18 Nov. 2015 / Accepted: 15 Feb. 2016 / Published: 8 Jun. 2016

Index Terms

Stealth Man-In-The-Middle attack, wireless local area network, hole 196 vulnerability, group temporal key, ARP cache poisoning, WLAN security


The use of wireless devices is increasing tremendously in our day-to-day life because of their portability and ease of deployment. The augmented practices of using these technologies have put the user security at risk. The Stealth Man-In-The-Middle (SMITM) is one of the attacks that has arisen out of the flaw in the wireless technology itself. This attack aims at stealing the data of the network users by redirecting the traffic aimed at a legitimate user towards itself. Moreover the access point or any other detection device connected to the wired media fails to detect this attack. The objective of this work is to develop a technique that would be able to detect SMITM attack efficiently. In this work we present a SMITM detection approach. Our approach detects the SIMTM attack by deploying multiple coordinated sensors. The simulation results witnessed that the proposed scheme is capable of detecting SMITM attack even in case of a mobile attacker.

Cite This Paper

Ravinder Saini, Surinder S. Khurana, "Deployment of Coordinated Multiple Sensors to Detect Stealth Man-in-the-Middle Attack in WLAN", International Journal of Information Technology and Computer Science(IJITCS), Vol.8, No.6, pp.44-51, 2016. DOI:10.5815/ijitcs.2016.06.06


[1]B. A. Forouzan, "Wireless LANs," in Data Communications and Networking, The McGraw Hills Publications, pp. 421-443.

[2]A. H. Lashkari, M. M. S. Danesh and B. Samadi, "A Survey on Wireless Security Protocols (WEP, WPA and WPA2/802.11i)," Beijing, 2009. URL:  wireless_security_protocols_wep_wpa_and_wpa2_802.11i_.pdf

[3]S Vibhuti, "IEEE 802.11 WEP wired equivalent privacy concepts and vulnerability." Accessed on August-10-2015. URL:

[4]Wi-Fi Alliance,. "Wi-Fi Protected Access: Strong, standards-based, interoperable security for today’s Wi-Fi networks." White paper, University of Cape Town, 2003. URL:

[5]M. Matthews and R. Hunt , "Evolution of Wireless LAN Security Architecture to IEEE 802.11i (WPA2)," in Proceedings of the Fourth lASTED Asian Conference on Communication Systems and Networks, 2007. URL:

[6]S. Heron, "Advanced Encryption Standard (AES)." Network Security 2009, pp. 8-12, Vol. no. 12, 2009. URL:

[7]K. Curran, and S. Elaine, "Demonstrating the Wired Equivalent Privacy (WEP) Weaknesses Inherent in Wi-Fi Networks." Information Systems Security 15, 2006, pp. 17-38. URL:  VeBL-DmQmuE

[8]P. Congdon, B. Abode, A. Smith, G. Zorn, and J. Roese. "IEEE 802.1 X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines." No. RFC 3580. 2003. URL:

[9]C. Perkins, and P. Calhoun. "Authentication, authorization, and accounting (AAA)." IETF RFC 5637, 2005. URL:

[10]B. Aboba, B. Larry, V. Vollbrecht, C. James, and L. Henrik, "Extensible authentication protocol (EAP)". No. RFC 3748. 2004. URL:

[11]T.S. Sobh, “Wi-Fi Networks Security and Accessing Control”, International Journal of Computer Network and Information Security, vol. 5, no. 7, pp. 9-20, 2013. URL: html 

[12]“IEEE Standard for information technology communications and information exchange between systems local and metropolitan area networks specific requirements," IEEE, 2007. URL:

[13]M. S. Ahmad, "WPA Too!," in Defcon, Las Vegas, 2010. URL:

[14]Thuc, NGUYEN Dinh, and NGUYEN An Bien. "Hotspot Security." URL: 

[15]A. Herzberg and H. Shulman, "Stealth-MITM DoS Attacks on Secure Channels," vol. 7, no. 1, pp. 1-27, 19 October 2009. URL:

[16]V. Kumar, S. Chakraborty, F. A. Bharbhuiya and S. Nandi, "Detection of Stealth Man-In-The-Middle Attack in WLAN," 2nd IEEE International Conference on Parallel, Distributed and Grid Computiong, pp. 290-295, Dec 2012. URL:  number%3D6449834

[17]W. Jian, F. Zhi-feng and C. Yong, "Design and Implementation of Lightweight Wireless Lan Intrusion Detection System," in Fourth International Conference on Multimedia Information Networking and Security Nanjing, 2012. URL:  number%3D6405633

[18]M. Kacic, P. Hanacek, M. Henzl and P. Jurnecka, "Malware Injection in Wireless Networks," in The 7th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, Berlin, 2013 URL:  number%3D6662732

[19]D. W. Vilela, E. W. T. Ferreira, A. A. A. S. Shinoda, N. V. de Souza Araújo, R. de Oliveira and V. E. Nascimento, "A Dataset for Evaluating Intrusion Detection Systems in IEEE 802.11 Wireless Networks," in Colombian Conference on Communications and Computing, Bogota, 2014. URL:  number%3D6860434

[20]V. Kumar, A. Tiwari, P. Tiwari, A. Gupta and S. Shrawne, "Vulnerabilities of Wireless Security Protocols (WEP and WPA2)," International Journal of Advanced Research in Computer Engineering & Technology, vol. 1, no. 2, pp. 91-96, April 2012. URL:

[21]N. Agrawal, P. K. Bhale and S. Tapaswi, "Preventing ARP Spoofing in WLAN using SHA-512," in IEEE International Conference on Computational Intelligence and Computing Research, Inathi, 2013. URL:  number%3D6724145