skip to main content
10.1145/1298239.1298273acmconferencesArticle/Chapter ViewAbstractPublication PagesmswimConference Proceedingsconference-collections
Article

Regional-based authentication against dos attacks in wireless networks

Published: 22 October 2007 Publication History

Abstract

In this work we focus on resource depletion attacks within IEEE 802.11 networks. This type of DoS attacks is used to exhaust access points' resources resulting in denying service to legitimate clients and rising the opportunity for more sophisticated attacks. It is usually based on flooding an access point (AP) with a high number of fake authentication requests. This paper introduces a protection method which assists APs to selectively block fake requests sent by an attacker, while at the same time allowing other legitimate clients to successfully join the network. For this purpose we introduce the concept of regions, estimates on client's relative locations. The concept itself is similar to a known protection against DoS attacks based on client puzzles in wired networks, yet had to be adjusted to the peculiarities of wireless networks. Rather than utilizing CPU or memory-based resources that are highly variable among wireless clients we take advantage of wireless characteristics such as broadcast communication, signal propagation, and dense deployment of IEEE 802.11 technology. The proposed protection enables a tradeoff between security and performance thus providing its adaptation to different network configurations.

References

[1]
W. A. Arbaugh, S. Shankar, J. Wang, and K. Zhang. Your 802.11 Network has No Clothes. In Proceedings of the First IEEE International Conference on Wireless LANs and Home Networks, pages 15--28, December 2001.
[2]
J. Bellardo and S. Savage. 802.11 Denial-of-Service attacks: Real Vulnerabilities and Practical Solutions. In Proceedings of the USENIX Security Symposium, pages 15--28, August 2003.
[3]
M. Demirbas and Y. Song. An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks. In WOWMOM '06: Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks, pages 564--570. IEEE Computer Society, June 2006.
[4]
D. B. Faria and D. R. Cheriton. DoS and Authentication in Wireless Public Access Networks. In WiSe '02:Proceedings of the 2004 ACM Workshop on Wireless Security, pages 47--56. ACM Press, September 2002.
[5]
D. B. Faria and D. R. Cheriton. Detecting Identity-based Attacks in Wireless Networks using Signalprints. In WiSe '06: Proceedings of the 5th ACM workshop on Wireless security, pages 43--52. ACM Press, 2006.
[6]
R. Floeter. Wireless LAN Security Framework: void11. http://www.wirelessdefence.org/Contents/Void11Main.htm (last access: 2007-08-01).
[7]
I. Martinovic, F. A. Zdarsky, A. Bachorek, C. Jung, and J. B. Schmitt. Phishing in the Wireless: Implementation and Analysis. In Proceedings of the 22nd IFIP International Information Security Conference (SEC 2007). Springer LNCS, May 2007.

Cited By

View all
  • (2014)Machine learning approach for detection of flooding DoS attacks in 802.11 networks and attacker localizationInternational Journal of Machine Learning and Cybernetics10.1007/s13042-014-0309-27:6(1035-1051)Online publication date: 2-Nov-2014
  • (2014)On the IEEE 802.11i security: a denial‐of‐service perspectiveSecurity and Communication Networks10.1002/sec.10798:7(1378-1407)Online publication date: 21-Aug-2014
  • (2008)Wireless client puzzles in IEEE 802.11 networksProceedings of the first ACM conference on Wireless network security10.1145/1352533.1352541(36-45)Online publication date: 31-Mar-2008

Index Terms

  1. Regional-based authentication against dos attacks in wireless networks

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      Q2SWinet '07: Proceedings of the 3rd ACM workshop on QoS and security for wireless and mobile networks
      October 2007
      192 pages
      ISBN:9781595938060
      DOI:10.1145/1298239
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 22 October 2007

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. denial-of-service (DoS) attacks
      2. impersonation attacks
      3. wireless LAN

      Qualifiers

      • Article

      Conference

      MSWiM07
      Sponsor:

      Acceptance Rates

      Overall Acceptance Rate 46 of 131 submissions, 35%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)1
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 20 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2014)Machine learning approach for detection of flooding DoS attacks in 802.11 networks and attacker localizationInternational Journal of Machine Learning and Cybernetics10.1007/s13042-014-0309-27:6(1035-1051)Online publication date: 2-Nov-2014
      • (2014)On the IEEE 802.11i security: a denial‐of‐service perspectiveSecurity and Communication Networks10.1002/sec.10798:7(1378-1407)Online publication date: 21-Aug-2014
      • (2008)Wireless client puzzles in IEEE 802.11 networksProceedings of the first ACM conference on Wireless network security10.1145/1352533.1352541(36-45)Online publication date: 31-Mar-2008

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media