On MAC-layer denial of service attacks in IEEE 802.11 ad hoc networks: analysis and counter measures

Network survivability is fundamental to information security. Adversaries could compromise network functionality by attacking the physical layer, the Medium Access Control (MAC) layer or the network layer. Even though security mechanisms for the network layer have been extensively discussed, MAC layer security has not been deeply explored. Leveraging security flaws in the IEEE 802.11 MAC protocol and the salient features of a Mobile Ad Hoc Network (MANET), even an average person with limited knowledge of wireless networks can launch MAC-layer Denial of Service (DOS) attacks. In this paper, we study two types of MAC layer DOS attacks that can be easily employed by an average person: attacks launched from a single adversary by injecting enormous data flows into the network and attacks launched from two colluding adversaries by sending enormous data flows directly to each other. To counter the first attacks, we propose a packet-by-packet authentication scheme so that legitimate nodes can reject data transmission requests from unauthenticated adversaries. To mitigate the second attacks, we propose several counter measures such as a fair MAC protocol, using protecting traffic flows and distance adjustment. The contribution of this paper is that it reveals the attacks that could be launched by an average person, which is a potential threat to MANETs.

[1]  Thomas D. Burd,et al.  The simulation and evaluation of dynamic voltage scaling algorithms , 1998, Proceedings. 1998 International Symposium on Low Power Electronics and Design (IEEE Cat. No.98TH8379).

[2]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[3]  Mario Gerla,et al.  How effective is the IEEE 802.11 RTS/CTS handshake in ad hoc networks , 2002, Global Telecommunications Conference, 2002. GLOBECOM '02. IEEE.

[4]  Yihong Zhou,et al.  Balancing the hidden and exposed node problems with power control in CSMA/CA-based wireless networks , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[5]  Michalis Faloutsos,et al.  Denial of service attacks at the MAC layer in wireless ad hoc networks , 2002, MILCOM 2002. Proceedings.

[6]  Zygmunt J. Haas,et al.  Securing ad hoc networks , 1999, IEEE Netw..

[7]  Thomas D. Burd,et al.  Processor design for portable systems , 1996, J. VLSI Signal Process..

[8]  Yih-Chun Hu,et al.  Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks , 2005, Wirel. Networks.

[9]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[10]  Panagiotis Papadimitratos,et al.  Secure data transmission in mobile ad hoc networks , 2003, WiSe '03.

[11]  Martin Nilsson,et al.  Investigating the energy consumption of a wireless network interface in an ad hoc networking environment , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[12]  Danny Dhillon,et al.  Implementing a fully distributed certificate authority in an OLSR MANET , 2004, 2004 IEEE Wireless Communications and Networking Conference (IEEE Cat. No.04TH8733).

[13]  Theodore S. Rappaport,et al.  Wireless communications - principles and practice , 1996 .