Detection and Mitigation of De-authentication attacks in WIFI Networks

Abstract

One way to remove a client from the network is by de-authentication. The components of a wireless network, usually referred to as a Wi-Fi network, are an AP (Access Point) and a client. The de-authentication procedure may be initiated by either the AP or the client. To de-authenticate, a de-authentication frame is utilised. A de-authentication frame is a management frame. There are altogether three basic frame types in the IEEE 802.11 standard. Data frames that used to move information between stations. There are various distinct types of data frames, depending on the network. Performing area-clearing operations, channel acquisition and carrier-sensing maintenance tasks, and positive acknowledging of received data all need the employment of control frames in conjunction with data frames. The Management frames complete the process by performing supervision duties; they are used to enter and exit wireless networks. Management frames like de-authentication and disassociation result in the termination of a client’s network connection. The transmission of management frames has always been done in clear text and without message authentication. Due to the fact that they are delivered in clear, de-authentication or disassociation frames can be readily spoofed on the part of a client or an AP. As a result, neither the client nor the AP will be in the 802.11 standard’s authenticated state. Following then, all packets will be discarded until authentication is restored, which will result in the client’s network services being cut off. This assault, a de-authentication attached, is comparable to the man-in-the-middle assault. This specific weakness in the 802.11 Management Frames involves very careful detection and mitigation of de-authentication attacks in Wi-Fi Networks. The goal of this study is to discover a de-authentication attached while it is occurring or has just begun.