¡@

IEEE 802.11 networks are insecure. Wired Equivalent Privacy (WEP), the security mechanism used in 802.11, was proved to be vulnerable. IEEE 802.11i, the security enhancement, concentrates only on integrity and confidentiality of transmitted frames. Either version did not properly handle the network availability. Because management frames are not authenticated, {802.11, 802.11i} networks are susceptible to Denial of Service (DoS) attacks. In this paper, we designed a random bit authentication mechanism as a defense against DoS attacks. Random bits are placed into unused fields of the management frames. Access Point (AP) and station (STA) can then authenticate each other according to these authentication bits. The effectiveness of our mechanism is demonstrated through experimental results.

Keywords: wireless network security, denial of service, lightweight authentication, deauthentication and disassociation flooding attacks, vulnerability

Retrieve PDF document (200909_11.pdf)

Received November 21, 2007; revised March 10 & May 21, 2008; accepted August 1, 2008.
Communicated by Tzong-Chen Wu.
^* The preliminary work of this paper has been presented in International Computer Symposium 2006.