Rogue Access Point Based DoS Attacks against 802.11 WLANs

Abstract

The growing popularity of the 802.11-based Wireless LAN (WLAN) also increases its risk of security attacks. This paper presents an analysis and solution to two Denial of Service (DoS) attacks: Deauthentication flooding (DeauthF) and disassociation flooding (DisassF) attacks. We conducted experiments to understand the impact of the attacks, and applied the Markov chain model to study the transition probabilities under attacks. We then follow the newly proposed 802.11 w standard and implement a solution to prevent the attacks. Our results show that 802.11 w is effective for low rate deauthentication and disassociation attacks but fails to protect against the flooding attacks because it takes significant resources to authenticate frames. We propose an integrated approach to applying traffic pattern filtering (TPF) over 802.11 w to resolve DeauthF and DisassF DoS attacks. The simulation results yields satisfactory performance for the integrated approach.