Volume 10, Issue 3 (March 2023), Pages: 183-188
----------------------------------------------
Technical Note
Implementation of a RADIUS server for access control through authentication in wireless networks
Author(s):
Cristopher Alezander Ochoa Villanueva 1, *, Avid Roman-Gonzalez 2, 3
Affiliation(s):
1Electronics and Telecommunication Department, Universidad Nacional Tecnológica de Lima Sur, Lima, Peru
2Aerospace Sciences and Health Research Laboratory (INCAS-Lab), Universidad Nacional Tecnológica de Lima Sur, Lima, Peru
3Image Processing Research Laboratory (INTI-Lab), Universidad Nacional Tecnológica de Lima Su, Lima, Peru
Full Text - PDF XML
* Corresponding Author.
Corresponding author's ORCID profile: https://orcid.org/0000-0002-5314-7909
Digital Object Identifier:
https://doi.org/10.21833/ijaas.2023.03.022
Abstract:
In this study, a remote authentication dial in user service (RADIUS) server was implemented, which offers a wireless security method based on registering users authorized to use the network. For this, a computer with 4GB of RAM and a fourth-generation i3 processor was used, mounted on the Ubuntu Server 18.04 operating system and using the free RADIUS open-source software. This server was connected to the network through the TL-WR940N router using the AES encryption method and the WPA2 – Enterprise wireless security protocol, which allows a RADIUS server to authenticate wireless users. Evaluating this method with three registered users, two of them administrators, and one guest, and a total of 8 wireless devices, the experimental results showed that, for the five failed attempts to enter the network, the RADIUS server was able to identify them with an accuracy of 100% in real-time. In addition, the two administrators' correct identification and subsequent access were achieved; one used the same credential to have another device connected to the network, so an identified user can connect to more than one device without creating other credentials. Finally, this security method was compared to WPA2 Personal for 4 hours, where it was verified that the RADIUS server maintains a maximum of 3 devices connected, while the second method allowed the entry of any device, whether or not it was foreign to the network, showing that the RADIUS server is a robust method with great potential to protect wireless networks.
© 2022 The Authors. Published by IASE.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Keywords: Client-server, Vulnerabilities, NAS, Wireless security, RADIUS
Article History: Received 7 September 2022, Received in revised form 6 December 2022, Accepted 22 December 2022
Acknowledgment
No Acknowledgment.
Compliance with ethical standards
Conflict of interest: The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.
Citation:
Ochoa Villanueva CA and Roman-Gonzalez A (2023). Implementation of a RADIUS server for access control through authentication in wireless networks. International Journal of Advanced and Applied Sciences, 10(3): 183-188
Permanent Link to this page
Figures
Fig. 1 Fig. 2 Fig. 3 Fig. 4 Fig. 5 Fig. 6 Fig. 7 Fig. 8
Tables
Table 1
----------------------------------------------
References (14)
- ESET (2021). Security report Latinoamérica 2021. ESET Software Company, Bratislava, Slovakia.
- Feng J (2009). Design and implementation of RADIUS client based on finite state machine. In the Pacific-Asia Conference on Circuits, Communications and Systems, IEEE, Chengdu, China: 435-438. https://doi.org/10.1109/PACCS.2009.53 [Google Scholar]
- Khalil K, Elgazzar K, Abdelgawad A, and Bayoumi M (2020). A security approach for CoAP-based internet of things resource discovery. In the IEEE 6th World Forum on Internet of Things (WF-IoT), IEEE, New Orleans, USA: 1-6. https://doi.org/10.1109/WF-IoT48130.2020.9221153 [Google Scholar]
- Lin Y, Gao Y, Li B, and Dong W (2020). Accurate and robust rogue access point detection with client-agnostic wireless fingerprinting. In the IEEE International Conference on Pervasive Computing and Communications (PerCom), IEEE, Austin, USA: 1-10. https://doi.org/10.1109/PerCom45495.2020.9127375 [Google Scholar]
- Miloslavskaya N (2020). Security zone infrastructure for network security intelligence centers. Procedia Computer Science, 169: 51-56. https://doi.org/10.1016/j.procs.2020.02.113 [Google Scholar]
- Naman D, Abdulwahab M, and Ibrahim A (2020). RADIUS authentication on Unifi enterprise system controller using zero-handoff roaming in wireless communication. Journal of Applied Science and Technology Trends, 1(3): 118-124. https://doi.org/10.38094/jastt1427 [Google Scholar]
- Park J and Jung S (2017). Shared secret key update scheme between RADIUS server and access point using PUFs. In the 4th International Conference on Computer Applications and Information Processing Technology (CAIPT), IEEE, Kuta Bali, Indonesia: 1-5. https://doi.org/10.1109/CAIPT.2017.8320725 [Google Scholar]
- Petrosyan AS, Petrosyan GS, Tadevosyan RN, and Arsalanian KK (2019). Identity infrastructure boost concept for eduroam service. Mathematical Problems of Computer Science, 52: 61-65. https://doi.org/10.51408/1963-0045 [Google Scholar]
- Pisa C, Caponi A, Dargahi T, Bianchi G, and Blefari-Melazzi N (2016). WI-FAB: Attribute-based WLAN access control, without pre-shared keys and backend infrastructures. In Proceedings of the 8th ACM International Workshop on Hot Topics in Planet-Scale Mobile Computing and Online Social Networking: 31-36. https://doi.org/10.1145/2944789.2949546 [Google Scholar]
- PTSC (2019). Penetration testing of corporate information systems: statistics and findings, 2019. Positive Technologies Software Company Moscow, Russia.
- PTSC (2020). Top cybersecurity threats on enterprise networks. Positive Technologies Software Company Moscow, Russia.
- PTSC (2021). Cybersecurity threatscape: Q1 2021. Positive Technologies Software Company Moscow, Russia.
- Rigney C, Willens S, Rubens A, and Simpson W (2000). Remote authentication dial in user service (RADIUS) (No. rfc2865). https://doi.org/10.17487/rfc2865 [Google Scholar]
- Saharkhizan M, Azmoodeh A, Dehghantanha A, Choo KKR, and Parizi RM (2020). An ensemble of deep recurrent neural networks for detecting IoT cyber attacks using network traffic. IEEE Internet of Things Journal, 7(9): 8852-8859. https://doi.org/10.1109/JIOT.2020.2996425 [Google Scholar]
|