Countering Cascading Denial of Service Attacks on Wi-Fi Networks | IEEE Journals & Magazine | IEEE Xplore

Countering Cascading Denial of Service Attacks on Wi-Fi Networks


Abstract:

Recent work demonstrates that IEEE 802.11 networks are vulnerable to cascading DoS attacks, wherein a single node can remotely and suddenly congest an entire network. In ...Show More

Abstract:

Recent work demonstrates that IEEE 802.11 networks are vulnerable to cascading DoS attacks, wherein a single node can remotely and suddenly congest an entire network. In this paper, we propose, analyze, simulate, and experimentally verify a counter-measure against such attacks. Our main idea is to optimize the duration of packet transmissions in order to weaken coupling effects between neighboring pairs of nodes. Toward that end, we propose a new theoretical model that relates the utilization of neighboring pairs of nodes using a sequence of iterative equations. The model captures important specifications of the IEEE 802.11 MAC layer. Through a fixed point analysis of the sequence, we show how to optimally set the packet duration so that, on one hand, cascading DoS attacks are avoided and, on the other hand, throughput is maximized. We validate the analysis through extensive ns-3 simulations and demonstrate the effectiveness of the mitigation through experiments with real Wi-Fi cards. A key insight is that IEEE 802.11 networks with relatively large MAC overhead are less susceptible to cascading DoS attacks than networks with smaller MAC overhead.
Published in: IEEE/ACM Transactions on Networking ( Volume: 29, Issue: 3, June 2021)
Page(s): 1335 - 1348
Date of Publication: 09 March 2021

ISSN Information:

Funding Agency:


Contact IEEE to Subscribe

References

References is not available for this document.