CN101778387B - Method for resisting denial of service (DoS) attack for wireless local area network access authentication - Google Patents
Method for resisting denial of service (DoS) attack for wireless local area network access authentication Download PDFInfo
- Publication number
- CN101778387B CN101778387B CN2010100135710A CN201010013571A CN101778387B CN 101778387 B CN101778387 B CN 101778387B CN 2010100135710 A CN2010100135710 A CN 2010100135710A CN 201010013571 A CN201010013571 A CN 201010013571A CN 101778387 B CN101778387 B CN 101778387B
- Authority
- CN
- China
- Prior art keywords
- puzzle
- user
- access point
- authentication
- answer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a method for resisting a denial of service (DoS) attack for a wireless access authentication protocol, which mainly solves the problem of DoS attack threat existing in the process of wireless access authentication of the traditional 802.11i protocol and the WAPI protocol. The method realizes the resistance on the DoS attack in the process of access authentication association by utilizing the combined use of a beacon frame issuing mechanism and a client-puzzle mechanism. The method comprises the following realizing steps of: (1) obtaining a beacon frame issued by an access point by a user in a monitoring way and obtaining the parameter needed for constructing a puzzle; (2) generating the puzzle and solving when the authentication interaction is finished; (3) containing the puzzle and the solution into an association request and transmitting the association request to the access point; and (4) judging whether the association process is finished or not by the access point through the authentication on the puzzle and the solution. The invention has stronger DoS attack resistance and adaptability and is suitable for the traditional wireless access authentication protocol.
Description
Technical field
The invention belongs to the network technology security fields, be specifically related to wireless network environment and resist the method for serving DoS attack extremely, can be used for radio local network environment, to reduce the influence of Denial of Service attack access authentication procedure.
Technical background
The main purpose of denial of service DoS attack is the service forfeiture availability that provides in the network in order to make, and it is implemented, and difficulty is little, the extent of injury is big, is threat maximum in the present network.But, cause to stop the existence of this attack owing to the opening of the Internet.Therefore the target of existing research all is intended to how to reduce the influence of DoS attack to network.
The access security of wireless network is the hot issue that people study always.Because Wireless Communication Equipment and limitation bandwidth resources cause access authentication procedure to face the threat of DoS attack.Present existing wireless access authentication protocol such as WAPI agreement and 802.11i agreement etc., all exists certain DoS attack to threaten in the wireless access process.
802.11i agreement is present most popular wireless network security protocol standard, it provides authentication and key-switch function, and market main flow radio network product all adopts this standard at present.802.11i inherited two kinds of authentication modes of 802.11: open system authentication mode and shared key authentication mode, and the authentication mechanism based on 802.1X has been proposed, the authentication mechanism based on 802.1X is preferably adopted in suggestion.802.11i agreement has proposed new secure network security system---strong secure network RSN (Robust Security Network), mainly by security association management and data encryption machine-processed reach into.Wherein security association management mechanism comprises RSN negotiating safety capability, 802.1X verification process and 802.1X key distribution process.
1.RSN the negotiating safety capability process is the process that security association is set up, and with reference to figure 1, is described below:
1) user STA is through the beacon frame of access point AP or the information element of probing response frame acquisition 802.11i;
2) user STA carries out the open system authentication request to access point AP;
3) access point AP makes the open system authentication response to user STA;
4) user STA sends association request and gives access point AP;
5) access point AP carries out the association request authentication response to user STA.
2.802.1X verification process
After security association is set up the process end, just can get into the 802.1X authentication.802.1X authentication protocol has been realized the access control of network, this agreement comprises three main bodys, user's incoming end, access authentication end and certificate server, i.e. user STA in the wireless network environment, access point AP and certificate server ASU.Under this agreement, carry out mutual authentication through certificate server ASU between user STA and the access point AP.Adopt the 802.1X Valuation Standard between user STA and the access point AP, then adopt aaa protocol as communication standard between access point AP and the certificate server ASU, i.e. the RADIUS/DIAMETER agreement.
With reference to figure 2, the 802.1X verification process is following:
1) user STA sends an EAP initiation message to the uncontrolled port of access point AP;
2) access point AP returns the response of EAP extended authentication, requires user STA that identity information is provided;
3) user STA sends the identity information of oneself through the response of EAP extended authentication to access point AP;
4) access point AP sends to the identity information of user STA certificate server ASU and carries out authentication through inserting request;
5) certificate server ASU utilizes the authentication method that encapsulates among the EAP to come user STA is carried out authentication;
6) user STA identity obtains after the authentication, and certificate server ASU sends to access point AP with authentication result and key material;
7) access point AP sends EAP extended authentication success message to user STA.
It is that a state carries on an agreement that above-mentioned security association is set up process, and therefore AP need need AP to consume certain storage resources to the state of user information stores.If the assailant has sent a large amount of false probe requests thereby, AP can cause self storage resources to exhaust because handle these false probe requests thereby, can't the access authentication service be provided for other users.Extended authentication 802.1X is that access authentication procedure provides stronger authentication; But simultaneously also can be used to carry out DoS attack by victim, the certificate that the assailant can send a large amount of falsenesses forces ASU to carry out certification authentication and consumes a large amount of computational resources and cause the access authentication service normally to carry out.Therefore the 802.11i agreement does not play good protective action to DoS attack.
The WAPI agreement is Chinese WLAN standard, is made up of WAI and two modules of WPI, realizes respectively to the authentication of user identity with to the function of transmission data encipher.WAPI is identical with the 802.11i agreement, need at first carry out secure association procedure.With reference to figure 3, its association process is following:
1. user STA obtains the WAPI information element through beacon frame or the probing response frame of AP
2. user STA sends the open system authentication request to access point AP;
3. access point AP makes the open system authentication response to user STA;
4. user STA sends association request and gives access point AP, wherein comprises the WPAI information element in the association request;
5. access point AP carries out the association request authentication response to user STA.
After accomplishing the foundation of WAPI security association, will carry out the WAI authentication, with reference to figure 4, verification process is following:
At first, access point AP sends authentication to user STA and activates request, and promptly access point AP sends beacon frame to user STA;
Secondly, in access authentication request, user STA submits to access point AP with the certificate of oneself with the access request time;
Once more, in the certificate verification request, access point AP inserts request time and the certificate of oneself and he with the certificate of user STA, user STA the signature of these three parts is issued certificate server ASU;
Then; After certificate server ASU receives the certificate verification request that access point AP sends, at first verify signature and the certificate of access point AP, after authentication success; Further verify the certificate of user STA; Afterwards, certificate server ASU signs with own private key to the authentication result of user STA and access point AP certificate, and this result who signs together with certification authentication is sent back to access point AP;
At last, access point AP responds the certificate verification of receiving and verifies, and obtains the authentication result to user STA certificate, determines whether allowing to insert user STA according to this result.Access point AP need be transmitted to user STA with the checking result of certificate server ASU simultaneously; User STA also will verify the signature of certificate server ASU; And obtain authentication result to access point AP certificate, whether insert access point AP according to this result's decision.
The WAPI agreement need be set up association process equally, therefore exists the resource exhaustion that faces in 802.11 agreements in the association process to threaten.For the WAI process, AP and ASU need cert to carry out signature authentication calculating, and therefore, AP and ASU are easy to suffer the threat of DoS attack.
DoS attack to authentication protocol threatens, and the researcher has at first proposed cookie mechanism.Its basic thought is: when initiator's request comes; Response party generates a cookie who bundlees with the initiator; Then this cookie is sent to the initiator, and require this cookie of transmit leg loopback, use the assailant of the network address of forging; Be difficult to forge and distort cookie and continue to move agreement, thereby reach the purpose of defending DoS attack.This mechanism has the DoS attack of spoofed IP address well resists effect, but then powerless for the DoS from the IP address of true address.
Afterwards, the proposition of client-puzzle mechanism has then further strengthened the ability of the anti-DoS attack of authentication protocol.Basic principle is that when server end received client's request, server can send a problem puzzle to client, requires client in official hour, to make answer solution, and answer is sent back to server.But how avoiding the utilization of request process victim is the problem that needs solve to start DoS attack.Puzzle constructs through consuming cpu resource and memory source usually.
But the method that has the researcher to propose to utilize wireless module to construct puzzle is recently resisted the DoS attack of wireless access authentication has wherein also been brought some other potential safety hazards, and distance is practical to also have very big distance.Therefore existing wireless access authentication protocol is still unsound to the defense mechanism of DoS attack.Need a kind of method that can in access authentication procedure, effectively resist DoS attack of design to improve mobile network's fail safe.
Summary of the invention
The present invention is primarily aimed at the deficiency in the above-mentioned wireless access verification process, combines through monitoring beacon frame mode and the client-puzzle mechanism revised, has proposed a kind of method of resisting denial of service (DoS) attack for wireless local area network access authentication,
For realizing above-mentioned purpose, the present invention includes following steps:
(1) user STA obtains relevant information element through the beacon frame that monitor to obtain access point AP, comprises original information and the user required parameter of puzzle that has problems in this information element;
(2) after obtaining relevant information element, it is mutual that user STA and access point AP carry out corresponding authentication;
(3) carry out authentication mutual in, carry out operation as follows:
3a) user STA obtains the MAC Address AP_add of access point AP from beacon frame; From information element, obtain used structure random number N i and the current difficulty level L of structure puzzle; Specify puzzle to calculate used Hash function, and select a random number r arbitrarily;
3b) will X answered, MAC Address AP_add, structure random number N i and the difficulty level L of user-selected random number r, access point; In order and be connected into Bit String X ‖ r ‖ Ni ‖ AP_add ‖ L; And this Bit String is carried out Hash calculate; If the last L of result of calculation position is 0, then X is the answer of puzzle, otherwise answer can not be passed through;
3c) user utilizes the method for exhaustive search to seek an answer X, makes it satisfy the decision condition of answering among the step 3b;
(4) after the generation and answer of completion puzzle, user STA initiates association request message to access point AP, adds the relevant parameter that generates puzzle in the information element of this association request message;
(5) access point AP to the answer X of puzzle in the association request message and searching according to step 3b) in to the answer decision condition make checking; If the puzzle checking is passed through; And when the existing checking result of storage does not repeat in the interim tabulation of this puzzle checking result and current answer, then send the association request response message, accomplish association request to the user; And will verify that the result deposits in the interim tabulation of answer, otherwise stop this user's access request.
The present invention is because through the modification to information element in the beacon frame; Increase the puzzle constructing variable; Make the user can obtain the puzzle constructing variable, reduced the negotiation number of times that increases for structure puzzle in the traditional scheme, improved negotiation efficiency through the mode of listen for beacons frame; Owing to adopt the mode of user's listen for beacons frame to obtain the puzzle constructing variable, avoided DoS attack potential in the process of request puzzle in traditional client-puzzle mechanism to threaten simultaneously.
Checking through to puzzle that the user produces in the association request message and answer screens forged request, to improve the anti-DoS attack ability of wireless access authentication protocol.
Description of drawings
Fig. 1 is that the process sketch map is set up in the association of 802.11i protocol access authentication;
Fig. 2 is the extensible authentication procedure sketch map of 802.11i protocol access authentication;
Fig. 3 is that the process sketch map is set up in the association of WAPI protocol access authentication;
Fig. 4 is the WAI verification process sketch map of WAPI protocol access authentication;
Fig. 5 is the sketch map that the present invention is applied to the access authentication of WLAN process;
Fig. 6 is the beacon frame information element format that the present invention is directed to the 802.11i protocol modification;
Fig. 7 is the beacon frame information element format that the present invention is directed to the WAPI protocol modification;
Fig. 8 is the association request information element form that the present invention is directed to the 802.11i protocol modification;
Fig. 9 is the association request information element form that the present invention is directed to the WAPI protocol modification.
Embodiment
With reference to Fig. 5, the method for resisting abnegation service aggression comprises the steps: in the access authentication procedure that the present invention provides
Beacon frame is that access point AP adopts the broadcast mechanism cycle to send under wireless network environment, so the user need not send a request message to access point AP, just can obtain the information element in the beacon frame through the mode of monitoring.In the present invention; The information element of user institute listen for beacons frame is on the original information elemental basis, to revise; Add the required parameter of structure puzzle, except comprising original information, also comprised structure random number N i, difficulty level L and hash algorithm that current AP supports.
The present invention is directed to 802.11i agreement and WAPI agreement, respectively its information element is revised.To the 802.11i agreement, the modification of information element form is as shown in Figure 6, on original information element format basis, adds structure random number N i and shows the selected random number of current AP, takies 48 hyte numbers; Difficulty level L shows the required difficulty level of calculating puzzle, takies 8 hyte numbers; Hash algorithm is represented the supported hash algorithm of current AP, and like MD5, SHA-1 or the higher hash algorithm of other fail safes take eight hyte numbers.To the WAPI agreement, the modification of information element is as shown in Figure 7, and each item implication of being added and form are identical with each item that 802.11i protocol information element is added.
Structure random number N i is produced by access point at random, and by the effective life of AP regulation structure random number, if when the front construction random number lost efficacy, the random number that access point AP generation is new, and lastest imformation element; L is the difficulty level of expression puzzle, according to current network and access point resource consumption situation dynamic adjustments, if difficulty level L changes, needs AP to upgrade the current information element by access point AP.
The user is behind the beacon frame that listens to certain access point AP; If select to insert the current wireless network; Then to carry out authentication mutual to the wireless access authentication protocol that uses, and when employing 802.11i agreement, the user need to carry out open system authentication mutual with this access point AP; When adopting the WAPI agreement, it is mutual that the user need carry out link authentication;
The user carry out authentication mutual in; Need usually to construct puzzle and make answer according to the information word that obtains; Here adopt computational resource consumption to come construction problem puzzle: at first user STA obtains the MAC Address AP_add of access point AP from beacon frame; From information element, obtain used structure random number N i and the current difficulty level L of structure puzzle, specify puzzle to calculate used Hash function, and select a random number r arbitrarily; With the MAC Address AP_add of X to be answered, user-selected random number r, access point, structure random number N i and difficulty level L, in order and be connected into Bit String X ‖ r ‖ Ni ‖ AP_add ‖ L; This Bit String is carried out Hash calculate, if the last L of result of calculation position is 0, then X is the answer of puzzle, can not pass through otherwise answer, and promptly makes X satisfy following formula:
Wherein each symbology is same as described above for mod 2L=0 for Hash (X ‖ r ‖ Ni ‖ dest IP ‖ L).
Because the Hash function has one-way, through the answer Rule of judgment, finding the solution X is not all right on calculating, and therefore, the user can only seek answer X through the method for exhaustive search, and calculates checking until finding out the X that satisfies the answer condition.
Step 3, user STA sends the association request message that comprises puzzle and answer to access point AP.
At first, the information element in the association request is made amendment, in information element, add all generation parameters and the answer X of puzzle by the user.To two kinds of wireless access authentication protocol 802.11i agreements and WAPI agreement, respectively its association request information element is made amendment:
If adopt the 802.11i agreement, then on the information element form basis of original association request, add structure random number N i, difficulty level L, user-selected hash algorithm, user-selected random number r and answer X; Wherein Ni takies 48 hyte numbers; L takies 18 hyte number, and hash algorithm takies 18 hyte number, and r takies 48 hyte numbers; X takies 48 hyte numbers, and is as shown in Figure 8;
If adopt the WAPI agreement, then on original association request information element form basis, add structure random number N i, difficulty level L, user-selected hash algorithm, user-selected random number r and answer X; Wherein Ni takies 48 hyte numbers; L takies 18 hyte number, and hash algorithm takies 18 hyte number, and r takies 48 hyte numbers; X takies 48 hyte numbers, and is as shown in Figure 9.
Then, the user sends to access point with amended association request message.
Access point AP receives user's association request message, from the association request message information element, extracts structure random number N i, difficulty level L, user-selected Hash function, user-selected random number r, answer X; Calculate the hashed value of X ‖ r ‖ Ni ‖ AP_add ‖ L then by access point; Verifying this separates X and answers the answer Rule of judgment that whether satisfies in the step 2; If answer X satisfies Rule of judgment, then continue the uniqueness of answer is judged, otherwise termination user's access request;
If puzzle and answer X satisfy the answer condition; To answer by this and store hashed value in hashed value that X calculates and the interim tabulation of answer and compare; Avoid puzzle and answer X to be repeated to utilize: if this hashed value is not comprised in the interim tabulation of answer; Then accept association request, and return associated response, set up security association; Otherwise the refusal association request stops user's access request.After access point is accomplished the association request process, result of calculation is deposited in the interim tabulation of answer, if information element change in the beacon frame, access point need empty answer and tabulate to accept new puzzle and answer temporarily.
Symbol description:
DoS attack: denial of service (Denial of Service) is attacked
WAPI: Chinese wireless LAN safety standard
802.11i: the wireless network secure standard agreement
RSN: strong secure network (Robust Security Network)
802.1X: based on the network insertion control Valuation Standard of port
AP: access point (Access Point)
STA: user (Station)
ASU: authentication service unit
EAP: extended authentication
Hash: hash function
R: the random number that the user chooses
X: answer
The selected structure random number of Ni:AP
The address of AP add:AP
The selected difficulty level of L:AP.
MD5:Message-Digest Algorithm 5, md5-challenge-5
SHA-1:Secure Hash Standard-1, safe hash standard-1
RADIUS:Remote Authentication Dial In User Service, remote subscriber is dialled in authentication service
DIAMETER: aaa protocol of new generation.
Claims (3)
1. a method of resisting the Denial of Service attack that exists in the access authentication of WLAN comprises the steps:
(1) user STA obtains relevant information element through the beacon frame that monitor to obtain access point AP issue, comprises original information and the user required parameter of puzzle that has problems in this information element;
(2) after obtaining relevant information element, it is mutual that user STA and access point AP carry out corresponding authentication;
(3) carry out authentication mutual in, carry out operation as follows:
3a) user STA obtains the MAC Address AP_add of access point AP from beacon frame; From information element, obtain used structure random number N i and the current difficulty level L of structure puzzle; Specify puzzle to calculate used Hash function, and select a random number r arbitrarily;
3b) will X answered, MAC Address AP_add, structure random number N i and the difficulty level L of user-selected random number r, access point; In order and be connected into Bit String X||r||Ni||AP_add||L; And this Bit String is carried out Hash calculate; If the last L of result of calculation position is 0, then X is the answer of puzzle, otherwise answer can not be passed through;
3c) user utilizes the method for exhaustive search to seek an answer X, makes it satisfy the decision condition of answering among the step 3b;
(4) after the generation and answer of completion puzzle, user STA initiates association request message to access point AP, adds the relevant parameter that generates puzzle in the information element of this association request message;
(5) access point AP to the answer X of puzzle in the association request message and searching according to step 3b) in to the answer decision condition make checking; If the puzzle checking is passed through; And when the existing checking result of storage does not repeat in the interim tabulation of this puzzle checking result and current answer, then send the association request response message, accomplish association request to the user; And will verify that the result deposits in the interim tabulation of answer, otherwise stop this user's access request.
2. the method for the Denial of Service attack that exists in the opposing access authentication of WLAN according to claim 1; The described user of step (1) the required parameter of puzzle that has problems wherein; Be on the basis that the original information element is made amendment, add required random number N i, difficulty level L and the access point hash algorithm that AP supports of structure puzzle.
3. the method for the Denial of Service attack that exists in the opposing access authentication of WLAN according to claim 1; Wherein the described puzzle of step (4) generates relevant parameter; Be on the basis that the original information element is made amendment, add the answer X of structure random number N i, current difficulty level L, user-selected random number r, hash algorithm and searching.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010100135710A CN101778387B (en) | 2010-01-08 | 2010-01-08 | Method for resisting denial of service (DoS) attack for wireless local area network access authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010100135710A CN101778387B (en) | 2010-01-08 | 2010-01-08 | Method for resisting denial of service (DoS) attack for wireless local area network access authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101778387A CN101778387A (en) | 2010-07-14 |
| CN101778387B true CN101778387B (en) | 2012-06-27 |
Family
ID=42514668
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010100135710A Expired - Fee Related CN101778387B (en) | 2010-01-08 | 2010-01-08 | Method for resisting denial of service (DoS) attack for wireless local area network access authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101778387B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101969643B (en) * | 2010-09-21 | 2014-04-16 | 国家无线电监测中心检测中心 | Combined wireless network crosslinking method |
| CN102196432A (en) * | 2011-06-10 | 2011-09-21 | 西安电子科技大学 | Quadratic congruence equation-based method for resisting denial-of-service attacks of wireless network |
| CN103096301B (en) * | 2011-10-31 | 2017-04-12 | 华为技术有限公司 | Method for verifying wireless local area network access point and station for the same |
| CN105164977A (en) | 2013-01-18 | 2015-12-16 | 惠普发展公司,有限责任合伙企业 | Preventing a memory attack to a wireless access point |
| US20150358347A1 (en) * | 2013-01-18 | 2015-12-10 | Yongqiang Liu | Preventing an input/output blocking attack to a wireless access point |
| US9392018B2 (en) * | 2013-09-30 | 2016-07-12 | Juniper Networks, Inc | Limiting the efficacy of a denial of service attack by increasing client resource demands |
| CN108011856B (en) * | 2016-10-31 | 2020-05-08 | 华为技术有限公司 | Method and device for transmitting data |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478388A (en) * | 2009-01-16 | 2009-07-08 | 西安电子科技大学 | Multi-stage security supporting mobile IPSec access authentication method |
-
2010
- 2010-01-08 CN CN2010100135710A patent/CN101778387B/en not_active Expired - Fee Related
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101478388A (en) * | 2009-01-16 | 2009-07-08 | 西安电子科技大学 | Multi-stage security supporting mobile IPSec access authentication method |
Non-Patent Citations (1)
| Title |
|---|
| 李小平等.入侵防御系统的研究与设计.《微计算机信息》.2006,第22卷(第33期),88-90. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101778387A (en) | 2010-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101778387B (en) | Method for resisting denial of service (DoS) attack for wireless local area network access authentication | |
| Chaudhry et al. | Securing demand response management: A certificate-based access control in smart grid edge computing infrastructure | |
| Shen et al. | Secure device-to-device communications over WiFi direct | |
| Wang et al. | SDN-based handover authentication scheme for mobile edge computing in cyber-physical systems | |
| CN101902476B (en) | Method for authenticating identity of mobile peer-to-peer user | |
| Zou et al. | A robust two-factor user authentication scheme-based ECC for smart home in IoT | |
| Fu et al. | A privacy‐preserving group authentication protocol for machine‐type communication in LTE/LTE‐A networks | |
| CN101626370B (en) | Method, system and equipment for distributing secret keys to nodes | |
| CN108809637A (en) | The car-ground communication Non-Access Stratum authentication key agreement methods of LTE-R based on mixed cipher | |
| CN108270572B (en) | Key exchange protocol based on position and password | |
| Chu et al. | An improved identity authentication scheme for internet of things in heterogeneous networking environments | |
| Zhang et al. | Group key agreement protocol among terminals of the intelligent information system for mobile edge computing | |
| CN107205208A (en) | Method, terminal and the server of authentication | |
| CN103647762B (en) | IPv6 Internet of things node identity identifying method based on access path | |
| Haddad et al. | Secure and efficient uniform handover scheme for LTE-A networks | |
| CN101867923B (en) | Heterogeneous wireless network secure access authentication method based on identity self-confirmation | |
| Ma | NFC Communications-based Mutual Authentication Scheme for the Internet of Things. | |
| CN109218292A (en) | A kind of electric power networks security boundary composite defense method and system | |
| Chen et al. | A dual-factor access authentication scheme for IoT terminal in 5G environments with network slice selection | |
| CN103596179A (en) | Wireless local area network access authentication service attack denial resisting method based on radio frequency tag | |
| CN102196432A (en) | Quadratic congruence equation-based method for resisting denial-of-service attacks of wireless network | |
| You et al. | A novel group key agreement protocol for wireless mesh network | |
| Sahoo et al. | An efficient three‐factor user authentication scheme for industrial wireless sensor network with fog computing | |
| Roychoudhury et al. | A secure Device-to-Device communication scheme for massive Machine Type Communication | |
| Zhu et al. | Research on authentication mechanism of cognitive radio networks based on certification authority |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20120627 Termination date: 20160108 |