Measuring Impact of Wi-Fi Denial-of-Service Attacks

By John Cox

September 14, 2011 — Network World — A research team at North Carolina State University has proposed a way of measuring the impact of wireless denial-of-service attacks on Wi-Fi networks. It's a step toward building focused counter-measures that can make such attacks costly to pull off.

DoS attacks use a range of techniques and tricks to manipulate 802.11 protocols, with an eye to making it difficult or impossible for legitimate users to connect, or stay connected, to a Wi-Fi access point. In some cases, this simply means users might be unable to wirelessly update their Facebook page for awhile; in others, blocking access to email or other corporate resources; and in others blocking stock trades or other time-critical transactions that could cost companies a lot of money.

More on security: Cyber-attack: A big one is coming says US Cyber Command General

The paper is "Modeling and Evaluation of Backoff Misbehaving Nodes in CSMA/CA-based Wireless Networks," co-authored by N.C. State doctoral student Zhuo Lu, Dr. Wenye Wang, associate professor with NCSU's Department of Electrical and Computer Engineering, and Dr. Cliff Wang of the U.S. Army Research Office. It's due to be published soon by the IEEE Transactions on Mobile Computing.

The title refers to a common, and easy, technique used in denial of service, which prevents other users from communication normally, says Wenye Wang. "In a Wi-Fi network, the Denial of Service attacks are usually generated by so called 'backoff misbehavior,'" she says. Based on the Wi-Fi protocols, client radios "listen" to see if the radio channel is being used. If it is, it "backs off" and waits for a set period, and then listens again. If the channel is clear, it can claim it, and send or receive data.

But an attacker can manipulate this process, changing the rules, Wang says. "[W]hen attacks change the rules of backoff time, it is similar to crashing a queue and occupying it forever," she says. "Of course, [the] other users do not know what happened and would assume the entire network is down."

By shortening its own backoff time, the attacker "can increase the chances of connecting to the access point dramatically, resulting in a much higher probability of access success."

The authors looked at two broad Wi-Fi DoS attacks: one a continuous attack, the other intermittent. The research compared how different attack strategies performed under different variables, such as varying the number of users trying to connect.

The variables mean that DoS attacks have different impacts, or to think of it from the attacker's viewpoint, different gains. It's this area, the different gains that can accrue to "backoff misbehaviors" that has not been well-studied, according to the authors.

• Print