Pseudo Random Number Based authentication to counter denial of service attacks on 802.11

Abstract

Wireless networks have gained unmatched popularity as compared to the wired network access technologies due to expedient deployment, flexibility and low cost. However, the security aspects in wireless local area networks (WLANs) is an active research area. The inherent security weaknesses of the wireless medium pose a much more stern threat as compared to the wired networks. Even with the ratification of 802.11i, WLANs based on 802.11 Standard remain vulnerable to denial of service (DoS) attacks due to unprotected and unauthenticated Management and Control Frames. Different types of defense techniques and protocols have been proposed to counter these threats. These either possess certain deficiencies or have implementation complexities. Moreover, no solution encompassing all DoS attacks based on Management and Control Frames has yet been proposed. The paper proposes a robust solution to effectively counter all Management and Control Frame based DoS attacks by using Pseudo Random Number Based authentication. The mechanism involves replacement of Cyclic Redundancy Checksum 32 (CRC32) in the frame check sequence field (FCS) with CRC16 and using the spared 16 bits for authentication. The proposed scheme is easily deployable without any implementation complexities and does not require any additional infrastructure or hardware for its employment.