RESPONSE TIME IMPROVEMENT ON ONE TIME PASSWORD (OTP) TECHNIQUE TO PREVENT REPLAY ATTACK IN A RADIUS ENVIRONMENT.
RESPONSE TIME IMPROVEMENT ON ONE TIME PASSWORD (OTP) TECHNIQUE TO PREVENT REPLAY ATTACK IN A RADIUS ENVIRONMENT.
No Thumbnail Available
Date
2017-02
Authors
ABDULLAHI, Yusuf
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
This research is aimed at the modification of the Remote Access Dial in User Server (RADIUS)
protocol with the one-time password (OTP) technique for the authentication environment with a
captive portal to prevent replay attacks. One of the important network security measures on a
campus network is the use of authentication for identification of legitimate users and one of the
most widely used solution in network authentication is the RADIUS protocol. However, there are
potential security vulnerabilities in the RADIUS network especially for networks using captive
portal, such as the replay attack. The Ahmadu Bello University (ABU) network is simulated using
the Graphical Network Simulator (GNS3) software on a virtualized environment using
Virtualbox. An OTP generator was developed using Hypertext Processor (PhP) programming
language for the three variants of the OTP, Time One Time Password (TOTP), Challenge
Response One Time Password (CROTP) and Hash One Time Password (HOTP). Before
improvement on the OTP technique using a PhP developed script, the result obtained shows the
average response time for TOTP, CROTP and HOTP as 2.5s, 5.2s and 5.7s respectively, this
result showed no improvement in the TOTP, CROPT and HOTP response time respectively when
compared with the recommended response time of a RADIUS server in a captive portal
environment which is 1000ms. After improving the OTP technique by integrating all the variants
of OTP with the RADIUS server on a single server using the simulated ABU campus network
using GNS3, the result shows a significant improvement over the above results. The results
obtained shows the average response time for TOTP, CROTP and HOTP as 1.2s, 2s and 1.9s. The
validation, based on the developed and simulated configuration was carried out using live servers,
routers and switches and the results shows improvement over the above results, the average
response time for TOTP, CROTP and HOTP were obtained as 0.4s, 0.9s and 0.9s respectively.
This shows significant improvement in the TOTP, CROPT and HOTP respectively. The result
shows the average response time is less than the recommended 1000ms for RADIUS server
response time in a captive portal environment.
Description
A DISSERTATION SUBMITTED TO THE SCHOOL OF POSTGRADUATE STUDIES, AHMADU BELLO UNIVERSITY, ZARIA IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE AWARD OF A MASTER OF SCIENCE (MSc) DEGREE IN COMPUTER ENGINEERING DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING FACULTY OF ENGINEERING
AHMADU BELLO UNIVERSITY, ZARIA NIGERIA
Keywords
RESPONSE TIME,, IMPROVEMENT ON ONE TIME PASSWORD (OTP),, TECHNIQUE,, PREVENT REPLAY ATTACK,, RADIUS ENVIRONMENT,