THESIS
2014
xi, 45 pages : illustrations ; 30 cm
Abstract
The shared nature of the medium in wireless networks makes them susceptible to
all sorts of careless or malicious misbehaviour. Among them, jamming, which involves
purposefully trying to interfere with the transmission and reception, is one of the major
forms of attacks that can easily be staged in wireless local area networks (WLANs).
In this thesis we propose a new jamming attack on hidden nodes in WLANs. This
attack deliberately targets uplink TCP acknowledgement packets (TCP-ACKs) of some
downlink TCP flow as a means of increasing the throughput of the attacker(s). The
jamming attack is designed in such a way that no modification to the wireless hardware
is needed and it can be easily staged on commercial off-the-shelf wireless nodes. The
attack consists of a series of well-coordinated stealth attacks on TCP traffic with the
collective effect of degrading the target's throughput by causing occasional time-outs and
by increasing its round-trip times (RTTs). In this attack, a rogue node first scans the
channel for downlink traffic (from the AP), identifies one or several target nodes, then relies on our probabilistic estimation model to forecast the time when a transmission
of jamming signal has a high likelihood of colliding with the target's generated TCP-ACKs. Repeating this process intelligently results in a decrease of the average window
of the targeted TCP sender and an increase in its round-trip time, in addition to some
occasional time-outs due to consecutive TCP-ACK losses. The rogue node and/or its
colluding attackers can thus increase their TCP throughput. We conduct ns-2 protocol
simulations to demonstrate the effectiveness of such an attack and discuss its immunity to
detection by existing detection schemes. We also identify some possible parameters that
may be used in building future detection mechanisms to counter this attack.