Özet:

Abstract Context. An issue of correct configuration of honeypots is still opened, especially it is about honeypots that simulate wireless networks as their clients are mobile and zone of control is not limited. Wrong configuration of honeypot may become its usage disinterested inside automated system especially it is applicable to honeypots for IEEE 802.11 wireless networks. Honeypot with open (no authentication) method or with low security may be suspicious for experienced attacker otherwise, it become easy prey for attackers whose goal is just access to Internet. On the other hand, usage of honeypot with strong security level make no sense as well, as this model will become unconquerable for attackers. Most protected access points use authentication method WPA2, usage of which may assure attacker that he/she attacks legitimate system. Objective. The goal of the researching work is to develop diagnostic model for honeypots in IEEE 802.11 wireless networks, which is conditionally secured by authentication method WPA/WPA2. Proposed model can help to assess possibility to leverage known WPA vulnerabilities by attacker on access point with given configuration. Method. An evaluation method of attacker’s qualification and its technical set of equipment in way of WPA/WPA2 encryption key selection for wireless honeypot is offered. Implementation of this method allows to reach load reduction on honeypot what will provide an illusion of system authenticity for attacker. Method of distributed brute force attack on authentication method WPA/WPA2 that provides diagnostic of Wi-Fi honeypot for encryption key resistance is offered. A Comparison between hardware virtualization and OS-level virtualization is provided under the identical conditions in scope of WPA2 handshake brute force task. Results. Optimal conditions for providing brute force attack in virtual environment are obtained, what can give possibility to quickly assess security level honeypot. This information can be used to understand how qualified attacker should be. Conclusions. A method of key perseverance assessment for authentication method WPA/WPA2 in IEEE 802.11 wireless network is proposed, for interaction with attacker with needed qualification level and computing resources. A method of IEEE 802.11 wireless networks security assessment using Analytics Hierarchy Process got further development. The scalable environment for honeypots assessment providing is offered. The method of wordlist generation and rotation that are delivered to assessment system is proposed, what can help to exclude key reduplication what in its turn will help to speedup of assessment results. References Lijuan Z., Qingxin W. A Network Security Evaluation Method

Anahtar Kelimeler: