Channel switch and quiet attack: New DoS attacks exploiting the 802.11 standard

Proceedings - Conference on Local Computer Networks, LCN

Volumn , Issue , 2009, Pages 14-21

  Könings, Bastian ^a   Schaub, Florian ^a   Kargl, Frank ^a   Dietzel, Stefan ^a  

^a UNIVERSITY OF ULM   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

DOS ATTACKS; IEEE 802.11S; INFORMATION ELEMENTS; NETWORK COMMUNICATIONS; NETWORK INTERFACE CARDS; OPERATING SYSTEMS; SECURITY WEAKNESS; WI-FI - TECHNOLOGY;

COMPUTER CRIME; COMPUTER OPERATING SYSTEMS; INTERFACES (COMPUTER); INTERNET; MOBILE DEVICES; STANDARDS;

WIRELESS NETWORKS;

EID: 77951273497     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/LCN.2009.5355149     Document Type: Conference Paper

References (35)

1. Cisco, "German hospital leads with 802.11n mobility," 2009. [Online]. Available: http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ ps6973/case-study c36-522101.pdf
2. L. Phifer, "Case study: Leveraging next-gen wi-fi to transform healthcare," jan 2009. [Online]. Available: http://itmanagement.earthweb. com/mowi/article.php/3794341/Case-Study-Leveraging-Next-Gen-Wi-Fi-to-Transform- Healthcare.htm
3. S. R. Fluhrer, I. Mantin, and A. Shamir, "Weaknesses in the key scheduling algorithm of RC4," in Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography. Springer-Verlag, 2001, pp. 1-24. [Online]. Available: http://portal.acm.org/citation.cfm?id=646557. 694759
4. N. Borisov, I. Goldberg, and D. Wagner, "Intercepting mobile communications: the insecurity of 802.11," in Proceedings of the 7th annual international conference on Mobile computing and networking. Rome, Italy: ACM, 2001, pp. 180-189. [Online]. Available: http://portal.acm.org/citation.cfm?id= 381695
5. A. Stubblefield, J. Ioannidis, and A. D. Rubin, "Using the fluhrer, mantin, and shamir attack to break WEP," in Network and Distributed System Security Symposium (NDSS). The Internet Society, 2002.
6. W. Arbaugh, N. Shankar, Y. Wan, and K. Zhang, "Your 802.11 wireless network has no clothes," Wireless Communications, IEEE, vol.9, no.6, pp. 44-51, 2002.
7. IEEE, "Std 802.11i - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications - Amendment 6: Medium Access Control (MAC) Security Enhancements," IEEE, 2004.
8. E. Tews and M. Beck, "Practical attacks against wep and wpa," in WiSec '09: Proceedings of the second ACM conference on Wireless network security. New York, NY, USA: ACM, 2009, pp. 79-86.
9. W. Xu, W. Trappe, Y. Zhang, and T. Wood, "The feasibility of launching and detecting jamming attacks in wireless networks," in Proceedings of the 6th ACM international symposium on Mobile ad hoc networking and computing. Urbana-Champaign, IL, USA: ACM, 2005, pp. 46-57. [Online]. Available: http://portal.acm.org/citation.cfm?id=1062689.1062697
10. M. Acharya, T. Sharma, D. Thuente, and D. Sizemore, "Intelligent jamming in 802.11b wireless networks," in Proceedings of OPNETWORK. Washington D.C., USA: OPNET, 2004.
11. M. Ståhlberg, "Radio jamming attacks against two popular mobile networks," Helsinki University of Technology, 2000. [Online]. Available: http://www.tml.tkk.fi/Opinnot/Tik-110.501/2000/papers/stahlberg.pdf
12. C. Wullems, K. Tham, J. Smith, and M. Looi, "A trivial denial of service attack on IEEE 802.11 direct sequence spread spectrum wireless LANs," in Wireless Telecommunications Symposium, 2004, pp. 129-136.
13. R. Gummadi, D. Wetherall, B. Greenstein, and S. Seshan, "Understanding and mitigating the impact of RF interference on 802.11 networks," SIGCOMM Comput. Commun. Rev., vol.37, no.4, pp. 385-396, 2007.
14. E. Bayraktaroglu, C. King, X. Liu, G. Noubir, R. Rajaraman, and B. Thapa, "On the performance of IEEE 802.11 under jamming," in INFOCOM 2008. The 27th Conference on Computer Communications. IEEE, 2008, pp. 1265-1273.
15. J. Bellardo and S. Savage, "802.11 denial-of-service attacks: Real vulnerabilities and practical solutions," in Proc. USENIX, 2003, pp. 15-28.
16. S. Ahmad, J. V. R. Murthy, and A. Vartak, "Autoimmunity disorder in wireless LANs," DEFCON, 2008, DEFCON 16. [Online]. Available: http://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-ahmad.pdf
17. B. Chen, V. Muthukkumarasamy, N. Guimaraes, P. Isaias, and A. Goikoetxea, "Denial of service attacks against 802.11 DCF," in Proceedings of the IADIS International Conference: Applied Computing, 2006.
18. Y. Zhou, D. Wu, and S. M. Nettles, "Analyzing and preventing MAC-layer denial of service attacks for stock 802.11 systems," in Workshop on Broadband Wireless Services and Applications (BROADNETS), 2004.
19. D. J. Thuente and M. Acharya, "Intelligent jamming in wireless networks with applications to 802.11b and other networks," in Proc. MILCOM, October 2006.
20. D. J. Thuente, B. Newlin, and M. Acharya, "Jamming vulnerabilities of IEEE 802.11e," in Proc. MILCOM, 2007, pp. 1-7.
21. M. Acharya and D. Thuente, "Intelligent jamming attacks, counterattacks and (Counter)̂2 attacks in 802.11b wireless networks," in Proceedings of OPNETWORK. Washington D.C., USA: OPNET, 2005.
22. L. Guang and C. Assi, "Vulnerability assessment of ad hoc networks to MAC layer misbehavior," Wireless Communications and Mobile Computing, vol.7, no.6, pp. 703-715, 2007. (Pubitemid 47265059)
23. N. Cam-Winget, D. Smith, and J. Walker, "IEEE 802.11-07/2163r0 - A-MPDU security issues," IEEE, 2007. [Online]. Available: https://mentor.ieee.org/802.11/file/07/11-07-2163-01-000n-a-mpdu-security- issues.ppt
24. L. Qian, N. Cam-Winget, and D. Smith, "IEEE 802.11-08/0755r1 - review of 802.11n A-MPDU DoS issues," IEEE, 2008. [Online]. Available: https://mentor.ieee.org/802.11/file/ 08/11-08-0755-01-000n-review-of-a-mpdu-dos- issues.ppt
25. J. Wright, "High speed risks in 802.11n networks," in RSA Conference. ARUBA Networks, 2008. [Online]. Available: http://www. willhackforsushi.com/presentations/rsa2008-wright.pdf
26. S. Glass and V. Muthukkumarasamy, "A study of the TKIP cryptographic DoS attack," in 15th IEEE International Conference on Networks (ICON), 2007, pp. 59-65.
27. C. He and J. C. Mitchell, "Security analysis and improvements for IEEE 802.11i," in 12th Annual Network and Distributed System Security Symposium, 2005, pp. 90-110.
28. F. Ferreri, M. Bernaschi, and L. Valcamonici, "Access points vulnerabilities to DoS attacks in 802.11 networks," in IEEE Wireless Communications and Networking Conference (WCNC), vol.1, 2004, pp. 634-638 Vol.1.
29. L. Butti and J. Tinnés, "Discovering and exploiting 802.11 wireless driver vulnerabilities," Journal in Computer Virology, vol.4, no.1, pp. 25-37, 2008.
30. Q. Chen, F. Schmidt-Eisenlohr, D. Jiang, M. Torrent-Moreno, L. Delgrossi, and H. Hartenstein, "Overhaul of ieee 802.11 modeling and simulation ns-2," in Proceedings of the 10th International Symposium on Modeling Analysis and Simulation of Wireless and Mobile Systems, MSWiM 2007, C.-F. Chiasserini, N. B. Abu-Ghazaleh, and S. E. Nikoletseas, Eds. Chania, Crete Island, Greece: ACM, Oct. 2007, pp. 159-168. [Online]. Available: http://doi.acm.org/10.1145/1298126.1298155
31. IEEE, "Std 802.11h - Part 11: Wireless LAN MAC and PHY Layer specifications - Amendment 5: Spectrum and Transmit Power Management Extensions in the 5 GHz band in Europe," IEEE, 2003.
32. ETSI, "EN 301 893 v1.5.1: Broadband Radio Access Networks (BRAN); 5 GHz High Performance RLAN," 2008.
33. IEEE, "P802.11w/D6.0 - Part 11: Wireless LAN MAC and PHY Layer specifications - Amendment 4: Protected Management Frames," IEEE, 2008.
34. -, "Std 802.11e - part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications - amendment 8: Medium access control (MAC) quality of service enhancements," 2005.
35. -, "P802.11n™/D5.0 - draft amendment to STANDARD for information Technology-Telecommunications and information exchange between systems - local and metropolitan networks-Specific requirements-Part 11: Wireless LAN medium access control (MAC) and physical layer (PHY). amendment 4: Enhancements for higher throughput." 2008.