IEEE 802.11 Denial of Service Attack Detection and Mitigation Techniques

Item

Title
IEEE 802.11 Denial of Service Attack Detection and Mitigation Techniques
Identifier
d_2009_2013:e1015caf589a:11627
identifier
12207
Creator
Soryal, Joseph
Contributor
Tarek Saadawi
Date
2013
Language
English
Publisher
City University of New York.
Subject
Electrical engineering | Computer science | Computer engineering | Cryptography | Cyber security | DoS Attacks | Markov Chain | Network Security | Wireless Networks
Abstract
The dissertation presents comprehensive detection and mitigation techniques to combat intelligent denial of service (DoS) attacks targeting the Media Access Control Layer operating on IEEE 802.11, which is the most widely used standard in the wireless technology.
My research stems from the following: (1) the attack is fairly easy to implement but difficult to detect by traditional methods, and (2) impact is severe to a point that it would completely disrupt communication in the network. The goal of my research is to effectively detect the attacker without having false positive results and to find a methodology to reduce the negative impact on the network in different environments.
The negative impact of the DoS attack is investigated and analyzed using network simulators. The designed algorithms are validated using mathematical modeling and network simulators to prove the effectiveness and feasibility of the introduced solutions. The solution is successfully applied on three different physical layer technologies: Direct-Sequence Spread Spectrum, Frequency Hopping Spread Spectrum, and Orthogonal frequency-division multiplexing.
The detection technique applied the solution of the two-dimensional Markov Chain model to determine the detection thresholds in fixed and mobile environments. The Markov Chain model is extended to cover multiple wireless domains to include the hidden nodes inside the extended network.
Two mitigation techniques using channel hopping are developed to combat the DoS attack in both fixed and mobile environments. The first mitigation technique is designed to operate in a mixed trusted environment, where two groups exist and one group poses a higher trust level than the other one. When a user of the less-trusted group implements the DoS attack, the algorithm will isolate the attacker along with the less-trusted group. The concept of the "Victim" is implemented, which gives the attacker the false feeling that the attack is successful and continuing as opposed to the reality. The second mitigation technique is designed to operate in environments where all users are authenticated and trusted, however, one user turned rogue. The algorithm will isolate the attacker via disseminating the new channel by using asymmetric cryptography.
Type
dissertation
Source
2009_2013.csv
degree
Ph.D.
Program
Engineering