Towards Network Denial of Service Resistant Protocols
Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts
UbiComp '01 Proceedings of the 3rd international conference on Ubiquitous Computing
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
Proceedings of the 7th International Workshop on Security Protocols
A public-key based authentication and key establishment protocol coupled with a client puzzle
Journal of the American Society for Information Science and Technology
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
Moderately hard, memory-bound functions
ACM Transactions on Internet Technology (TOIT)
Shake them up!: a movement-based pairing protocol for CPU-constrained devices
Proceedings of the 3rd international conference on Mobile systems, applications, and services
Integrity (I) Codes: Message Integrity Protection and Authentication Over Insecure Channels
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
An RSSI-based Scheme for Sybil Attack Detection in Wireless Sensor Networks
WOWMOM '06 Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks
Detecting identity-based attacks in wireless networks using signalprints
WiSe '06 Proceedings of the 5th ACM workshop on Wireless security
Regional-based authentication against dos attacks in wireless networks
Proceedings of the 3rd ACM workshop on QoS and security for wireless and mobile networks
Enabling Secure and Spontaneous Communication between Mobile Devices using Common Radio Environment
HOTMOBILE '07 Proceedings of the Eighth IEEE Workshop on Mobile Computing Systems and Applications
Jamming for good: a fresh approach to authentic communication in WSNs
Proceedings of the second ACM conference on Wireless network security
Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks
Computer Standards & Interfaces
Fast track article: Bringing law and order to IEEE 802.11 networks-A case for DiscoSec
Pervasive and Mobile Computing
Wireless vulnerability of SCADA systems
Proceedings of the 50th Annual Southeast Regional Conference
Secure client puzzles based on random beacons
IFIP'12 Proceedings of the 11th international IFIP TC 6 conference on Networking - Volume Part II
| Hi-index | 0.00 |
Resource-depletion attacks against IEEE 802.11 access points (APs) are commonly executed by flooding APs with fake authentication requests. Such attacks may exhaust an AP's memory resources and result in denied association service, thus enabling more sophisticated impersonation attacks accomplished by rogue APs. This work introduces the concept of wireless client puzzles, a protection method which assists an AP to preserve its resources by discarding fake requests, while allowing legitimate clients to successfully join the network. Rather than conditioning a puzzle's solution on computational resources of highly heterogeneous clients, the puzzles utilize peculiarities of a wireless environment such as broadcast communication and signal propagation which provide more invariant properties. Using an implementation of the proposed scheme, we demonstrate its effectiveness within a realistic scenario. Based on the insights from the implementation a simulation is used to extend the threat model and to scale up the scenario. Simulations verify our implementation results and show that the impact of flooding rate is decreased by 75% even if an attacker changes its position or manipulates its signal strength, while ≈ 90% of the legitimate stations are still able to successfully associate during an attack.