Empirical studies and queuing modeling of denial of service attacks against 802.11 WLANs

The growing popularity of 802.11-based wireless LANs (WLAN) also increases the risk of security attacks. Most studies of WLAN security are on the protection of data integrity, and few studies are addressing the issue of Denial of Service (DoS) attacks. This paper studies two major DoS attacks of authentication request flooding (AuthRF) and association request flooding (AssRF). Our studies show that these DoS attacks cause significant performance degradations and may disconnect the communications. A queuing model is presented to study the attacking mechanisms, and the causes of performance degradations. The analytical results of the queuing model are validated by the simulation model, and both results are consistent with the empirical data. The queuing model analysis leads to the development of four solutions: Request Authentication (RA), Reduction of Duplicate Requests (RDR), Reduction of Response Retransmissions (RRR), and Round Robin Transmission (RRT). We tested these four solutions and collected empirical data to validate the effectiveness of the solutions. A comparison of these four solutions is presented to show their strengths and weaknesses in resolving the attacks.