Detecting and mitigating the impact of wideband jammers in IEEE 802.11 WLANs

García-Villegas, Eduard; Gómez, Moisés; López-Aguilera, Elena; Casademont, Jordi

doi:10.1145/1815396.1815410

Cited by 5 publications

(10 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Burbank et al in [ 20 ] studied path statistics and spectrum availability for the jammer detector. In [ 21 ], the authors assume a jammer that constantly emits signals, which can also attack several channels at the same time. The jammer detector is based on load balancing.…”

Section: Related Workmentioning

confidence: 99%

MPH-M, AODV-M and DSR-M Performance Evaluation under Jamming Attacks

Del-Valle-Soto

Mex-Perera²,

Monroy

et al. 2017

Sensors

View full text Add to dashboard Cite

In this work, we present the design of a mitigation scheme for jamming attacks integrated to the routing protocols MPH, AODV, and DSR. The resulting protocols are named MPH-M (Multi-Parent Hierarchical - Modified), AODV-M (Ad hoc On Demand Distance Vector - Modified), and DSR-M (Dynamic Source Routing - Modified). For the mitigation algorithm, if the detection algorithm running locally in each node produces a positive result then the node is isolated; second, the routing protocol adapts their paths avoiding the isolated nodes. We evaluated how jamming attacks affect different metrics for all these modified protocols. The metrics we employ to detect jamming attack are number of packet retransmissions, number of CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) retries while waiting for an idle channel and the energy wasted by the node. The metrics to evaluate the performance of the modified routing protocols are the throughput and resilience of the system and the energy used by the nodes. We evaluated all the modified protocols when the attacker position was set near, middle and far of the collector node. The results of our evaluation show that performance for MPH-M is much better than AODV-M and DSR-M. For example, the node energy for MPH-M is 138.13% better than AODV-M and 126.07% better than DSR-M. Moreover, we also find that MPH-M benefits much more of the mitigation scheme than AODV-M and DSR-M. For example, the node energy consumption is 34.61% lower for MPH-M and only 3.92% and 3.42% for AODV-M and DSR-M, respectively. On throughput, the MPH protocol presents a packet reception efficiency at the collector node of 16.4% on to AODV and DSR when there is no mitigation mechanism. Moreover, MPH-M has an efficiency greater than 7.7% with respect to AODV-M and DSR-M when there is a mitigation scheme. In addition, we have that with the mitigation mechanism AODV-M and DSR-M do not present noticeable modification. However, MPH-M improves its efficiency by 8.4%. We also measure the resilience of these algorithms from the average packet re-transmissions perspective, and we find that MPH-M has around a 15% lower change rate than AODV-M and DSR-M. The MPH-M recovery time is 5 s faster than AODV-M and 2 s faster than DSR-M.

show abstract

Section: Related Workmentioning

confidence: 99%

MPH-M, AODV-M and DSR-M Performance Evaluation under Jamming Attacks

Del-Valle-Soto

Mex-Perera²,

Monroy

et al. 2017

Sensors

View full text Add to dashboard Cite

show abstract

“…Previous experiments with IEEE 802.11b equipment [7] concluded that, for robust modulations, it is more effective to target the transmitter's CCA; on the contrary, a faster modulation is more sensitive to packet errors produced at the receiver. However, according to our observations in the testbed depicted in Figure 1, attacking an OFDM-based IEEE 802.11 transmitter is clearly more effective than attacking a receiver regardless of whether a robust or a fast 1 Agilent ESG-D 2 A sine waveform whose frequency varies to sweep the whole 2.4GHz band 3 TCP is not being used in order to avoid the influence of TCP congestion control and retransmission mechanisms in the jammer evaluation.…”

Section: Effects Of a Jammermentioning

confidence: 99%

“…But the CST value does not only increase in the presence of a jammer, it can also rise with high number of transmitters. The authors in [7] define a jammer detection method based on the inspection of the number of transmission attempts per frame and use it to correspond to CST. The authors define a ratio T f that is based on the total number of frames that have been sent to the channel and the total number of transmissions that were deferred to avoid collision.…”

Section: Jammer and Cheater Detection In Ieee 80211 Wlansmentioning

confidence: 99%

“…In [7], the authors propose to use CCA channel busy indication for detection process. But this method has an apparent drawback that the channel busy time can increase in the presence of a jammer as well as with increased number of active users.…”

Section: Jammer and Cheater Detection In Ieee 80211 Wlansmentioning

confidence: 99%

“…Assuming that BAT is a random variable uniformly distributed between 19µs and 2138µs 7 , s = 120 guarantees, with a confidence of 95%, that the estimated BAT has an error smaller than 10%. Using the default Beacon Interval of 100ms, 120 samples require 12s.…”

Section: Implementation Of a Bat-based Jammer Detectormentioning

confidence: 99%

See 2 more Smart Citations

A novel cheater and jammer detection scheme for IEEE 802.11-based wireless LANs

2015

Self Cite

View full text Add to dashboard Cite

The proliferation of IEEE 802.11 networks has made them an easy and attractive target for malicious devices/adversaries which intend to misuse the available network. In this paper, we introduce a novel malicious entity detection method for IEEE 802.11 networks. We propose a new metric, the Beacon Access Time (BAT), which is employed in the detection process and inherits its characteristics from the fact that beacon frames are always given preference in IEEE 802.11 networks. An analytical model to define the aforementioned metric is presented and evaluated with experiments and simulations. Furthermore, we evaluate the adversary detection capabilities of our scheme by means of simulations and experiments over a real testbed. The simulation and experimental results indicate consistency and both are found to follow the trends indicated in the analytical model. Measurement results indicate that our scheme is able to correctly detect a malicious entity at a distance of, at least, 120m. Analytical, simulation and experimental results signify the validity of our scheme and highlight the fact that our scheme is both efficient and successful in detecting an adversary (either a jammer or a cheating device). As a proof of concept, we developed an application that when deployed at the IEEE802.11 Access Point, is able to effectively detect an adversary. c ⃝ 2014 Eduard Garcia-Villegas under Creative Commons (CC BY-NC-ND)

show abstract