Mitigation of Cascading Denial of Service Attacks on Wi-Fi Networks

摘要

Recent work demonstrates that IEEE 802.11 networks are vulnerable to cascading DoS attacks, whereby a single node can suddenly render an entire network unstable. In this work, we propose, analyze, and simulate a method to prevent such attacks from occurring. Our key idea is to optimize the duration of packet transmissions. To achieve this goal, we show that it is essential to properly model the impact of MAC overhead, and in particular MAC timing parameters. We propose a new theoretical model where we relate the utilization of neighboring pairs of nodes using a sequence of iterative equations and use fixed point techniques to study the limiting behavior of the sequence. Through this analysis, we show how to optimally set the packet duration so that, on one hand, cascading DoS attacks are avoided and, on the other hand, throughput is maximized. We validate our analytical results using extensive ns-3 simulations. A key insight obtained from our analysis and simulations is that IEEE 802.11 networks with relatively large MAC overhead are less susceptible to cascading DoS attacks than networks with smaller MAC overhead.