Analysis of IEEE 802.11 standard From Security Standpoint and Finding Solution To PS-poll based DOS Attack

Abstract

The proliferation of networking across the world continues to grow at an incredible rate. In the past decade the growth of Wireless Local Area Networks (WLAN) was even more astounding. The Institute of Electrical and Electronics Engineers (IEEE) standard 802.11 for WLAN, ratified in 1999 was widely accepted by the industry. Due to the scarcity of battery power in portable devices operating in WLANs, 802.11 directly addressed the need of Power Saving (PS). It defines a mechanism allowing stations (STA) to go into sleep mode without losing information. Identification of flaws in security mechanism of 802.11 led to amendments / enhancements in the standard, but availability issues persisted. Even in the latest IEEE security standard 802.11i, management and control frames are unprotected. Thus the possibility of identity theft exposes WLAN to Denial of Service (DoS) attacks thereby compromising availability. DoS attacks have high success rate in PS mode, as portable mobile devices recurrently operate in this mode to conserve battery power. Moreover, at the time when attack is being perpetrated, the legitimate user is quiescent and thus oblivious to this malicious activity on the network. IEEE 802.11 standard has been analyzed for identity vulnerabilities. Attacks have been studied to identify the niche of DoS attacks in PS mode. A solution for this persisting vulnerability has been proposed and analyzed for its effectiveness by simulation. The solution is effective, efficient and robust. It can be incorporated in wireless stations by just firmware upgrades, not needing any additional hardware.