Using Random Bit Authentication to Defend IEEE 802.11 DoS Attacks

Abstract

The security of IEEE 802.11 networks has always been a heavily discussed issue. WEP, the security mechanism adopted in 802.11, was proved to be vulnerable and easily attacked. The enhanced version of 802.11[1], 802.11i[2], concentrates on maintaining integrity and confidentiality when transmitting 802.11 frames. Either version did not consider the network availability aspect properly. Because management frames are not protected by any key-based authentication, Denial of Service (DoS) attacks is a threat to an {802.11, 802.11i} network. In this paper, we designed a random bit authentication mechanism to protect 802.11 networks from DoS attacks. Random bits are placed into unused fields of the management frames. AP and STA can then authenticate each other according to these authentication bits. The effectiveness of our mechanism in defending DoS attacks is demonstrated using our experimental results.