Analysis of the Impact of AuthRF and AssRF Attacks on IEEE 802.11e-based Access Point

Abstract

This paper analyzes several Denial of Service (DoS) attacks at Medium Access Control (MAC) level, with an emphasis on the attacks related to authentication and association mechanisms in WLANs. In particular, a detailed analytical model is presented based on IEEE 802.11e access point (AP) queuing model, which shows the impact of the authentication and association flooding attacks. Using the proposed queuing model, the paper discusses the differences in behavior of APs based on both IEEE 802.11 and IEEE 802.11e standards, under DoS attacks. The analytical model is further extended in order to tackle the 802.11e AP behavior, followed by appropriate quantitative results for different types of Authentication Request Flooding (AuthRF) and Association Request Flooding (AssRF) DoS attacks. More specific, the paper analyzes the AP behavior being under AuthRF DoS attacks with three different levels of attack intensity: Low Level (LL), Medium Level (ML) and High Level (HL), at the same time assuming different traffic priorities. The analysis reveals that during the attack, the implemented algorithm plays a significant role in the overall performance. Namely, if an appropriate model is applied during LL and ML DoS attacks, the high priority traffic will be less affected, providing it with an opportunity to be served with significantly lower losses compared to the low priority traffic. The proposed queuing model and the developed analytical approach can be also used for each protocol layer, especially if the attacks involve flooding with too many requests (ICMP, TCP SYN, UDP etc.). The last part of the paper provides a comprehensive survey of different mechanisms used to mitigate the effects of the DoS attacks on MAC sublayer.