IEEE 802.11 Standards
Widespread of IEEE 802.11 standard of wireless network has created several challenges. There are various vulnerabilities associated through the Mac and physical layers of IEEE 802.11 wireless networks that consists of Denial of Service (DoS) attacks. In current years, it has been observe that the DoS attacks are getting valuable attention from various researchers and it also further concluded that MAC layers that are related to DoS attacks are easily be launched by by means of the shelf equipment. Moreover, in most of the cases it has been observed that the attacker frauds MAC wireless devices towards stopping all processes wireless network (Thorpe and Murphy 2014). There is also a possibility of address spoofing for MAC, as IEEE 802.11 standards does not offer authentication source control for each frame and manage them respectively. Hence, the securities standards of IEEE 802.11 standard are are not quite effective for solving problems. The attackers launch their attack with the availability of various tools. Therefore, this work signifies that the DoS attacks are exploited by MAC layers vulnerabilities of IEEE 802.11 networks. Moreover, we also have identified the standards of IEEE 802.11 and how this standard address issues accordingly. Finally, we have also carried out several experiments that help in demonstrating the layer 2 security vulnerabilities (Wright and Cache 2015).
This study will describe IEEE 802.11 management as well as control frames that are susceptible attacks of DoS. The study will also analyze various processes, which utilize these kinds of frames respectively.
Three prime sorts of frames are utilized in IEEE 802.11 networks, which are recognized like the frames of management, frames of data and frames of control. The frames of data is highly associated with carrying superior data protocol within body frames, whereas frames of control basically assists while delivering data frames with the help of providing area cleaning operations, maintenance functions and channel acquisition and the MAC layer function of reliability. Management frames execute managerial function, which are more likely to leave and join wireless network and shift connection from several points of access. Table 1 below provides list of significant Management and Control Frames (Poularakis et al., 2016).
|
Control Frames |
Management Frames |
|
Request to Send (RTS) |
Probe Request / Response |
|
Clear to Send (CTS) |
Authentication / Not Valid |
|
Acknowledgement (ACK) |
Association Request / Response |
|
Power Save Poll (PS-Poll) |
Reassociation Request / Response |
|
Disassociation |
Figure 1: Table 1
Created by Author
All the APs from time to time transmit an inspiration frame. Most of the clients listens and agrees to the inspirational frame in order to identify the range of APs. Therefore, on the other hand 802.11 most of the clients convey probe request frames towards searching and finding the entire active wireless network, which is within their limit. Moreover, prior to send data on wireless network, it performs message exchange procedure, which is shown in figure 1 (Thorpe and Murphy 2014).
Frame Types
Generally, this process begins with the clients, who search for particular network with the help of conveying probe request to multiple channels. Moreover, the configurations of the prob request are programmed with such types of probe inquiry requests. There is only one difference prevailing between periodic beacon frames and probe request is that all the beacons consists of Traffic Indication Map (TIM) that shows the snooze mode of the stations and have the data frames in the AP’s buffer system. Moreover, after finding the existing BSS, the response frames and the authentication request are basically exchanged between the AP and the clients accordingly. There are two types of Authentication open authentication and secure authentication with the help of IEEE 802.11 standards (Wright and Cache 2015). Therefore, after the end of the authentication process the response frames and the association process are exchanged among the AP and the client. Moreover, with the help of this process, the clients learn about the MAC address of AP and AP provides the logical port of map that can be recognized as Association Identifier (AID) towards wireless client. Therefore, multiple APs authenticate IEEE 802.11 clients. Nevertheless, it must be associated with only one AP at a given point of time.
In both the networks of IEEE 802.11 and IEEE 802.11s, all the attackers convey packets through the usage of the spoofed source of MAC address through an access point. Therefore, tools like Airsnarf, KisMAC and AirJack respectively launch these attacks. There are two types of MAC layers vulnerabilities. They are:
- Identity Vulnerabilities
- Media Access Vulnerabilities
There is a rise in the identity vulnerabilities of the MAC address in the system. Moreover, the MAC address includes 12 bytes address and no number of proper mechanisms has been developed for this frames verification. Therefore, with the help of which the attackers are spoofing the MAC address that lead towards several distinctive vulnerabilities (Poularakis et al., 2016).
The attacker while blocking the access to the medium itself performs Media access vulnerabilities. It is blocked with the help of collision domains such as virtual carrier sense and physical carrier sense mechanisms. Times window attack virtual carrier attacks are the attacks that are been launched by this blocking. Furthermore, the identified vulnerabilities result in two types of attacks, which are as follows:
- De-authentication Attack
- Disassociation Attack
A connection between the APs and the clients is established with the help of various frames as shown in the figure 2. As most of the frames are unprotected and are spoofed by the attacker accordingly. The attackers send de authentication call to the clients address. According to this the communication between them are halted respectively and thus enable the attackers to send spoofed messages to respective clients by terminating their connection accordingly (Chan, Berger and Tong 2013).
Client and AP Association Process
There are various possibilities where the clients are been authenticated to more than one APs at a single point of time. As shown in the figure 3, it shows the exchange of frames between the clients and the APs due to very reason of disassociation attack. When the clients send association request to the APs it is been spoofed by the attackers thus halting the communication. Then the clients send disassociation request to the APs having source address that is in relative to client address (Cheng and Deng 2014). The clients send Reassociation request to the APs in order to regain the connection. As in this case the connection requires less amount of time this kind o attacks is not as much severe as the de authentication attack.
Figure 2: De-authentication Attack
Created by Author
Figure 3: Disassociation Attack
Created by Author
Most of the companies are evaluating the use of wireless networks that have a strong benefit for their respective business. IEEE Wi-Fi has good standards and it has a line of product ranges. The product 802.11n, it is designed to deliver a speed of 300Mb/sec rate (Moura et al., 2015). Moreover, the main concern for the clients is not speed but also great amount of security is needed also. The 802.11 w has cryptographic algorithms that provides efficacy in data protection.
There has been implementation of a new task group that has begun working on 802.11w that will extend the security and not just the data itself towards the management frames. The new and modern 802.11w is the advancement of 802.11 to cover the security features of the management frames.
The new protection procedure of 802.11w consists of three different parameters. Firstly, the new protection will be to cover protection of the management frames between the clients and the access points that is known as unicast frames. Secondly, it will also cover all the vulnerabilities of the generic broadcast management frames that is often used to adjust the frequency of radio properties (Huang et al., 2016). In this protection, a key will be attached to the access points in order to prevent forge messages while using the desired network. Lastly, the final protection is for the disassociation and de authentication frames. It provides security by using the keys that the client will determine which de authentication process is valid or not. Therefore, it will enable the forgers and various DoS attackers to make less usage of management frames while attacking their networks (Bellalta et al., 2016).
Reference
Bellalta, B., Bononi, L., Bruno, R. and Kassler, A., 2016. Next generation IEEE 802.11 Wireless Local Area Networks: Current status, future directions and open challenges. Computer Communications, 75, pp.1-25.
Chan, D.S., Berger, T. and Tong, L., 2013. Carrier sense multiple access communications on multipacket reception channels: Theory and applications to IEEE 802.11 wireless networks. IEEE Transactions on Communications, 61(1), pp.266-278.
Cheng, R.S. and Deng, D.J., 2014. Congestion control with dynamic threshold adaptation and cross?layer response for TCP Vegas over IEEE 802.11 wireless networks. International Journal of Communication Systems, 27(11), pp.2918-2930.
Huang, Y., Wang, Y., Zhu, R., Chen, X. and Meng, Q., 2016, July. Synchronized contention windows-based backoff algorithm in IEEE 802.11 wireless networks. In Computer, Information and Telecommunication Systems (CITS), 2016 International Conference on (pp. 1-5). IEEE.
Moura, H., Bessa, G.V., Vieira, M.A. and Macedo, D.F., 2015, May. Ethanol: Software defined networking for 802.11 wireless networks. In Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium on (pp. 388-396). IEEE.
Poularakis, K., Iosifidis, G., Pefkianakis, I., Tassiulas, L. and May, M., 2016. Mobile Data Offloading Through Caching in Residential 802.11 Wireless Networks. IEEE Transactions on Network and Service Management, 13(1), pp.71-84.
Thorpe, C. and Murphy, L., 2014. A survey of adaptive carrier sensing mechanisms for IEEE 802.11 wireless networks. IEEE Communications Surveys & Tutorials, 16(3), pp.1266-1293.
Wright, J. and Cache, J., 2015. Hacking exposed wireless: wireless security secrets & solutions. McGraw-Hill Education Group.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
