Hirose: Connecting the future
Industrial Ethernet Book Issue 67 / 98
  Print this Page   Send to a Friend  

Measuring Wi-Fi attack threats

H3>RESEARCHERS FROM NC State University say that they can determine how a Wi-Fi network would be disrupted by various attack vectors. The information gained enables more secure security systems to be designed, so it is likely to be a valuable tool for developing new security technologies.


Designing appropriate countermeasures: associate professor Wenye Wang says that it is not possible to eleminate all threats.The art is in deciding which attacks attacks are likely to cause the most disruption

Any attack could jam a Wi-Fi network and have potentially serious consequences. An example might be in backoff misbehaviour, in which a wireless node deliberately manipulates its backoff time and, asa result, induce significant network problems such as denial-of-service. Although significant progress has been made towards the design of countermeasures to backoff misbehaviour, relatively little research has been carried out into quantifying backoff misbehaviour gain.

The team from North Carolina State University used two generic Wi-Fi attack models to assess the gain that misbehaving nodes can result in - continuous backoff misbehaviour (which keeps manipulating the backoff time unless it is disabled by countermeasures), and intermittent misbehaviour (which tends to evade the countermeasure detection by performing misbehaviour sporadically). This is, therefore, difficult to identify and stop. The research, which is presented in a paper, entitled 'Modelling and Evaluation of Back off Misbehaving Nodes in CSMA/CA-based Wireless Networks' (IEEE Transactions on Mobile Computing), was carried out under varying conditions, such as would be found in real-life scenarios.

'This information can be used to help us design more effective security systems, because it tells us which attacks - and which circumstances - are most harmful to Wi-Fi systems,' says Dr. Wenye Wang, an associate professor of electrical and computer engineering at NC State and coauthor of a paper describing the research.

Wang and her team examined two generic Wi- Fi attack models. One model represented persistent attacks, where the attack continues non-stop until it can be identified and disabled. The second model represented an intermittent attack, which blocks access on a periodic basis, making it harder to identify and stop. The researchers compared how these attack strategies performed under varying conditions, such as with different numbers of users.

After assessing the performance of the models, the researchers created a metric called an 'order gain' to measure the impact of the attack strategies in various scenarios. Order gain compares the probability of an attacker having access to the Wi-Fi network to the probability of a legitimate user having access to the network. For example, if an attacker has an 80 percent chance of accessing the network, and other users have the other 20 percent, the order gain would be 4 - because the attackers odds of having access are 4 to 1.

This metric is important because a Wi-Fi network can only serve once computer at a time, and normally functions by rapidly cycling through multiple requests. Attacks work by giving the attacker greater access to the network, which effectively blocks other users.

'If we want to design effective countermeasures,' Wang says, 'we have to target the attacks that can cause the most disruption. It's impossible to prevent every conceivable attack.' So, one suggestion the researchers have is for countermeasures to focus on continuous attacks that target networks with large numbers of users - because that scenario has the largest order gain. Beyond that, network security professionals can use the new approach to assess a complicated range of potential impacts that vary according to type of attack and number of users.

It would be impossible to prevent all possible attacks; countermeasures should focus on continuous attacks that target networks having many users, because this situation would possess the largest order gain. However, it is claimed, security experts could also use this method to assess a range of potential effects that vary according to attack type and user number.

The paper 'Modelling and Evaluation of Back off Misbehaving Nodes in CSMA/CA-based Wireless Networks' can be downloaded from http://ieeexplore.ieee.org


Source: Industrial Ethernet Book Issue 67 / 98
   Print this Page    Send to a Friend  

Back

Sponsors:
Analog Devices: Time Sensitive Networking
DINSpace fiber optic and Cat 6 patch panels
Japan IT Week Autumn

Get Social with us:



© 2010-2018 Published by IEB Media GbR · Last Update: 16.11.2018 · 33 User online · Privacy Policy · Contact Us