A Solution to Spoofed PS-Poll Based Denial of Service Attacks in IEEE 802.11 WLANs

摘要

Wireless Local Area Networks (WLAN) provide connectivity along with flexibility at low cost. Appreciating the exponential growth in this area, Institute of Electrical and Electronics Engineers (IEEE) ratified IEEE standard 802.11 in 1999 which was widely accepted as the defacto industry standard for interconnection of portable devices. Due to the scarcity of battery power in portable devices operating in WLANs, 802.11 directly addresses the issue of Power Saving (PS) and defines a whole mechanism to allow stations (STA) to go into sleep mode without losing information, as access point (AP) keeps buffering the messages directed to the sleeping STA. Growing use of 802.11 lead to the identification of flaws in security specifications of the standard known as Wired Equivalent Privacy (WEP). These flaws were addressed by the introduction of amendments/enhancements. However, IEEE's security enhancements failed to achieve the desired objectives especially availability, which is the main concern of any network administrator. Identity theft due to unauthenticated management and control frames left a window open for hackers to launch successful Denial of Service (DoS) attacks. The PS functions of 802.11 present several identity based vulnerabilities, exploiting which, an attacker can spoof the polling message on behalf of the STA and cause the AP to discard the buffered packets of the client while it is asleep. As a result, an attacker can block the victim STA from receiving frames from the AP, thus launching a successful DoS attack. In this paper we have explained the spoofed PS-Poll based DoS attack and proposed a robust solution to this problem.