Rogue Access Point Based DoS Attacks against 802.11 WLANs

Liu, Chibiao; Yu, James

doi:10.1109/aict.2008.54

Cited by 21 publications

(10 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The arrival rate of attacking frames to the RX queue λ 3 The arrival rate of data frames to the TX2 queue D…”

Section: Queuing Model Of the Wlanmentioning

confidence: 99%

“…The normal TCP RTT without DoS attacks X 2 The average number of data frames at TX2 during a ML attack or a HL attack t 1 The duration for the wireless STA to process a data frame t 2 The duration for AP_Air RX to process a data frame t 3 The duration for AP_CPU to process a data frame t 4 The duration for the wired STA to process a data frame t 5 The duration for AP_Air TX to process a data frame µ…”

Section: Queuing Model Of the Wlanmentioning

confidence: 99%

“…During the attack, it include 3 copies of one fake 802.11 request frame and 21 response frames S 3 The average service time for the AP_Air TX to transmit one data frame T 0…”

Section: Queuing Model Of the Wlanmentioning

confidence: 99%

“…In the past, most studies of WLAN security are on the protection of data integrity. However, there is a growing interest in Denial of Service (DoS) attacks against WLANs [3][4][5][6][7][8][9][10][11]. Our research focuses on four major DoS attacks: Authentication Request Flooding (AuthRF), Association Request Flooding (AssRF), deauthentication flooding, and disassociation flooding.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Empirical studies and queuing modeling of denial of service attacks against 802.11 WLANs

Liu

Brewster

2010

2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)

Self Cite

View full text Add to dashboard Cite

The growing popularity of 802.11-based wireless LANs (WLAN) also increases the risk of security attacks. Most studies of WLAN security are on the protection of data integrity, and few studies are addressing the issue of Denial of Service (DoS) attacks. This paper studies two major DoS attacks of authentication request flooding (AuthRF) and association request flooding (AssRF). Our studies show that these DoS attacks cause significant performance degradations and may disconnect the communications. A queuing model is presented to study the attacking mechanisms, and the causes of performance degradations. The analytical results of the queuing model are validated by the simulation model, and both results are consistent with the empirical data. The queuing model analysis leads to the development of four solutions: Request Authentication (RA), Reduction of Duplicate Requests (RDR), Reduction of Response Retransmissions (RRR), and Round Robin Transmission (RRT). We tested these four solutions and collected empirical data to validate the effectiveness of the solutions. A comparison of these four solutions is presented to show their strengths and weaknesses in resolving the attacks.

show abstract

“…The arrival rate of attacking frames to the RX queue λ 3 The arrival rate of data frames to the TX2 queue D…”

Section: Queuing Model Of the Wlanmentioning

confidence: 99%

Section: Queuing Model Of the Wlanmentioning

confidence: 99%

“…During the attack, it include 3 copies of one fake 802.11 request frame and 21 response frames S 3 The average service time for the AP_Air TX to transmit one data frame T 0…”

Section: Queuing Model Of the Wlanmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Empirical studies and queuing modeling of denial of service attacks against 802.11 WLANs

Liu

Brewster

2010

2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM)

Self Cite

View full text Add to dashboard Cite

show abstract

“…The disassociation DoS attack leaves the target in the authenticated state. Thus, the work performed by the target to undo the attack's effect is more in case of deauthentication DoS attack as compared with disassociation DoS attack . The attack frames are sent successively so that the target receives another forged frame before it finishes fresh authentication and association (Figure ).…”

Section: Dos Attacks In Ieee 80211imentioning

confidence: 99%

On the IEEE 802.11i security: a denial‐of‐service perspective

Singh

Sharma

2014

Security Comm Networks

View full text Add to dashboard Cite

The IEEE 802.11i standard provides authentication and security at the Medium Access Control layer in wireless local area networks (WLANs). It involves an authentication process followed by a four‐way handshake to evolve a key for securing data sessions. The standard suffers under denial‐of‐service (DoS) attacks. These attacks often block the ongoing communication process and deprive services to the legitimate users. These are easy to conduct while maintaining anonymity of the attackers. It hence becomes imperative to learn about the attacks and their solutions in IEEE 802.11i‐protected WLANs so that future research proposals and solutions to mitigate the attack may develop. The paper presents a review of DoS attacks and existing solutions pertaining to the IEEE 802.11i security standard. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Detection of man‐in‐the‐middle attacks using physical layer wireless security techniques

Wang

Wyglinski

2014

Wireless Communications

View full text Add to dashboard Cite

Compared with a wired network, a wireless network is not protected by the cable transmission medium. Information is broadcasted over the air and it can be intercepted by anyone within the transmission range. Even though the transmissions could potentially be protected by security authentication mechanisms, malicious users can still intercept the information by mimicking the characteristics of normal user or a legitimate access point. This scenario is referred as a man‐in‐the‐middle (MITM) attack. In the MITM attack, the attackers can bypass the security mechanisms, intercept the unprotected transmission packets, and sniff the information. Because of several vulnerabilities in the IEEE 802.11 protocol, it is difficult to defend against a wireless MITM attack. In this paper, a received signal strength indicator (RSSI)‐based detection mechanism for MITM attacks is proposed. RSSI information is an arbitrary integer that indicates the power level being received by the antenna. The random RSSI values are processed via a sliding window, yielding statistic information about the signal characteristics such as mean and standard deviation profiles. By analyzing those profiles, the detection mechanism can detect if a rogue access point, the key component of an MITM attack, is launched. Our proposed approach has been validated via hardware experimentation using Backtrack 5 tools and MATLAB software suite. Copyright © 2014 John Wiley & Sons, Ltd.

show abstract

Rogue Access Point Based DoS Attacks against 802.11 WLANs

Cited by 21 publications

References 3 publications

Empirical studies and queuing modeling of denial of service attacks against 802.11 WLANs

Empirical studies and queuing modeling of denial of service attacks against 802.11 WLANs

On the IEEE 802.11i security: a denial‐of‐service perspective

Detection of man‐in‐the‐middle attacks using physical layer wireless security techniques

Contact Info

Product

Resources

About