Mitigation Technique/Defensive Measure for Wireless DOS Attack

The protection offered by 802.11i does not defend against the attacks against DoS attacks that we have discussed in previous blogs. But there are certain ways by which we can protect Wireless DOS Attacks like..

• Deploying Wireless LAN Intrusion Detection Systems(WLAN IDS)

This will not actually stop the attack that is taking place but helps in finding out DoS attacks. A WLAN IDS will monitor the wireless environment with the help of sensors placed at strategic points. They can generate detailed reports about signal quality, signal-to-noise ratio and channel usage.

The presence of an attacker can be identified and hopefully administrators within the organization alerted. Having three or more appropriately placed sensors can help to apply triangulation methods to approximately locate the source of a transmission.

• IEEE 802.11w to the rescue

The IEEE goal with 802.11w is to protect management frames in 802.11 networks.This therefore provides wireless networks within organisations the protection against numerous DoS attacks targeted at the Media Access Control (MAC) layer 2. The 802.11w standard will look to provide protection in the following ways:

1. Protecting unicast management frames from forgery and disclosure attacks by encrypting the unicast management frames between an access point and the client.
2. Protecting broadcast management frames from forgery attacks.
3. Protecting broadcast deauthentication and disassociation frames from forgery attacks.

So far we have discussed layer 2/ MAC layer DoS attacks but DoS attack can also be performed on Physical Layer. An attacker using a laptop equipped with a high output wireless client card and a high gain antenna can launch a physical medium attack on an organization’s wireless network by generating enough RF noise to reduce the signal-to-noise ratio to an unusable level by saturating the 802.11 frequency bands. The jamming device could also be a custom built transmitter.

 It is not possible to stop someone from transmitting using the same frequency used by wireless networks. Disruptions to organizations can also be caused by noise from everyday household items such as microwave ovens, cordless phones, or any other appliance that operate on the 2.4 GHz or 5 GHz radio frequency that 802.11 networks make use of. 

To defend against physical attacks, strategic placement of access points is crucial. Mounting access points at heights will at least prevent attackers from easily reaching and destroying the access point. Organizations can help to protect a wireless network against DoS attacks by making the buildings as resistive as possible to incoming radio signals.

Installation of metallic window tint instead of blinds or curtains can help prevent RF leakage and incoming radio signals. Also the use of metallic based "Wi-Fi proof wallpaper" 23 and "Wi-Fi paint" 24 on the interior parts or the exterior walls will reduce RF leakage and incoming radio signals.