Unleashing the shrew: a stealth greedy targeted attack on TCP traffic in wireless LANs

Abstract

This paper presents a new jamming attack in wireless LANs that deliberately targets uplink TCP acknowledgements (TCP-ACKs) of downlink TCP flows. To ensure immunity to detection with existing schemes, in this attack, the attacker does not jam the target constantly; instead, it relies on our probabilistic estimation model to forecast the time when its transmission has the highest likelihood of colliding with the target's generated TCP-ACKs. Repeating this process results in a decrease of the average congestion window of the targeted due to an increased round-trip time (RTT). The rogue node and/or its colluding attackers can grab this freed bandwidth and increase their throughput. We demonstrate via ns-2 simulation the effectiveness of such attack and show how easy it is to deploy without hardware modification. We also discuss its immunity to detection by existing detection schemes and investigate some parameters that may be used in building future detection mechanisms.