Analysis of the Impact of AuthRF and AssRF Attacks on IEEE 802.11e-based Access Point

This paper analyzes several Denial of Service (DoS) attacks at Medium Access Control (MAC) level, with an emphasis on the attacks related to authentication and association mechanisms in WLANs. In particular, a detailed analytical model is presented based on IEEE 802.11e access point (AP) queuing model, which shows the impact of the authentication and association flooding attacks. Using the proposed queuing model, the paper discusses the differences in behavior of APs based on both IEEE 802.11 and IEEE 802.11e standards, under DoS attacks. The analytical model is further extended in order to tackle the 802.11e AP behavior, followed by appropriate quantitative results for different types of Authentication Request Flooding (AuthRF) and Association Request Flooding (AssRF) DoS attacks. More specific, the paper analyzes the AP behavior being under AuthRF DoS attacks with three different levels of attack intensity: Low Level (LL), Medium Level (ML) and High Level (HL), at the same time assuming different traffic priorities. The analysis reveals that during the attack, the implemented algorithm plays a significant role in the overall performance. Namely, if an appropriate model is applied during LL and ML DoS attacks, the high priority traffic will be less affected, providing it with an opportunity to be served with significantly lower losses compared to the low priority traffic. The proposed queuing model and the developed analytical approach can be also used for each protocol layer, especially if the attacks involve flooding with too many requests (ICMP, TCP SYN, UDP etc.). The last part of the paper provides a comprehensive survey of different mechanisms used to mitigate the effects of the DoS attacks on MAC sublayer.

[1]  Neeraj Mittal,et al.  A Lightweight Solution for Defending Against Deauthentication/Disassociation Attacks on 802.11 Networks , 2008, 2008 Proceedings of 17th International Conference on Computer Communications and Networks.

[2]  Wen-Nung Tsai,et al.  Using Random Bit Authentication to Defend IEEE 802.11 DoS Attacks , 2009, J. Inf. Sci. Eng..

[3]  David R. Cheriton,et al.  Detecting identity-based attacks in wireless networks using signalprints , 2006, WiSe '06.

[4]  Ivan Martinovic,et al.  Wireless client puzzles in IEEE 802.11 networks: security by wireless , 2008, WiSec '08.

[5]  A. Nur Zincir-Heywood,et al.  802.11 De-authentication Attack Detection Using Genetic Programming , 2006, EuroGP.

[6]  Lan,et al.  A Comparative Study of the Available Solutions to Minimize Denial of Service Attacks in Wireless , 2011 .

[7]  James T. Yu,et al.  An Analysis of DoS Attacks on Wireless LAN , 2006, Wireless and Optical Communications.

[8]  James Yu,et al.  A Solution to WLAN Authentication and Association DoS Attacks , 2007 .

[9]  Bülent Tavli,et al.  Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks , 2009, Comput. Stand. Interfaces.

[10]  Dinh-Thuc Nguyen,et al.  A SOLUTION FOR DEFENDING AGAINST DENIAL OF SERVICE ATTACK ON WIRELESS LAN , 2008 .

[11]  James T. Yu,et al.  Rogue Access Point Based DoS Attacks against 802.11 WLANs , 2008, 2008 Fourth Advanced International Conference on Telecommunications.

[12]  John Mourjopoulos,et al.  Wireless Digital Audio Delivery Analysis and Evaluation , 2006, 2006 IEEE International Conference on Acoustics Speech and Signal Processing Proceedings.

[13]  Shukor Abd Razak,et al.  Detection and prevention of denial of service attacks (DOS) in WLANs infrastructure , 2015 .

[14]  Ping Ding,et al.  Security algorithms to prevent Denial of Service ( DoS ) attacks in WLAN , 2013 .

[15]  Gregory B. Brewster,et al.  Empirical studies and queuing modeling of denial of service attacks against 802.11 WLANs , 2010, 2010 IEEE International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[16]  Chee‐Hock Ng,et al.  Queueing Modelling Fundamentals , 1996 .

[17]  Alexandros G. Fragkiadakis,et al.  Denial-of-Service Attacks in Wireless Networks Using Off-the-Shelf Hardware , 2014, HCI.

[18]  Lachlan L. H. Andrew,et al.  Active Queue Management for Fair Resource Allocation in Wireless Networks , 2008, IEEE Transactions on Mobile Computing.

[19]  Md. Sadekur Rahman,et al.  An Experimental Study Analysis of Security Attacks at IEEE 802.11 Wireless Local Area Network , 2015 .