260 likes | 548 Views
FIJI : F ighting I mplicit J amming I n 802.11 WLANs. Ioannis Broustis, Konstantinos Pelechrinis, Dimitris Syrivelis Srikanth V. Krishnamurthy, Leandros Tassiulas. The problem. “Performance anomaly” in 802.11.
E N D
FIJI: Fighting Implicit Jamming In 802.11 WLANs Ioannis Broustis, Konstantinos Pelechrinis, Dimitris Syrivelis Srikanth V. Krishnamurthy, Leandros Tassiulas
The problem • “Performance anomaly” in 802.11. • Under saturation conditions, 802.11 provides the same long-termthroughput to all clients of an accesspoint (AP). Low throughput
The problem (ii) • An attacker can exploit this behavioral trend. • The placement of a jammer next to a client can nullify the total throughput! -- Implicitly all clients are jammed.
The impact of the attack • The throughput of all clients is drastically degraded. • A measurement example from our testbed: 7 ft
Our contribution • We propose FIJI, a framework for Fighting Implicit Jamming In 802.11 WLANs. • FIJI looks for anomalies in the AP load distribution toefficiently perform jammer detection. • It shapes the traffic such that: • Clients that are not explicitly jammed, stop experiencing starvation. • Jammed clients receive themaximum possible throughput under jamming. • We implement and evaluate FIJI on our testbed. • FIJI allocates the throughput in a fair and efficient way.
Prior work on addressing the anomaly • Packet aggregation. • High-rate nodes transmit many packets back-to-back, separated by SIFS. • Efficient, but requires modifications on 802.11. • MAC contention window manipulation. • High-rate nodes get more frequent medium access. • Efficient, but also requires modifications on 802.11. • Use of predefined data rate classes. • Setting the data rate equal to the transmission rate for poor links. • Inadequate, since it still saturates the traffic at the MAC layer.
Prior work on anti-jamming • Frequency hopping techniques. • Legitimate nodes jump to different channels in order to avoid jammers. • Inadequate in wideband jamming scenarios. • Wideband jammers cover a large numberof bands. • Other previous anti-jamming techniques do not consider implicit jammers. • FIJI is the first system to address such attackers.
Attack model • Low-power deceptive jammer. • Transmits dummy packets back-to-back. • Ignores the back-off algorithm. • Challenging to detect, since transmitted packets are seemingly legitimate. • Placed right next to legitimate clients. • Use of very low power to conserve energy. • Able to operate on a wide band. • Frequency hopping rendered inappropriate.
FIJI to combat the implicit jamming attack • Thegoal of FIJI is twofold: • To detect the attack and restore the throughput on clientsthat are not explicitlyjammed. • We call these clientshealthy. • To maintain connectivity and provide the highest possible throughput to clients thatare explicitly jammed. • We call these clientsjammed. • FIJI consists of a jammer detection module and a traffic shaping module.
Detection module • Approach: measuring the client transmission delays: • Data unit transmission delay: • Client • Packet length • Instantaneous deliverable rate • Aggregate transmission delay Da: the sum of the delays of all clients of an AP. • A sudden, very high increase in Da typically implies that one or more clients is under jamming. • This works well, as we show through experimentation.
Traffic shaping module: notations • Number of clients jammed • Number of clients of AP • Jammed client i • Data unit transmission delay of client • Packet size in benign conditions • Packet size for client • Instantaneous deliverable rate for client • Aggregate transmission delay of jammed clients
Traffic shaping module: DPT • With DPT, we seek to minimize the aggregate transmission delay for the jammed clients: • Constraint: • With DPT, we make sure that the healthy clients experience a similar aggregate transmission delay as in benign conditions. --->
How does DPT operate? • Let us consider 1 AP, 2 healthy clients (c1, c2) and 1 jammed client (c3). • c1, c2 and c3 have data unit delays d1, d2 and d3 respectively. • Client throughput in benign conditions: • When c3 is jammed, the throughput becomes:
How does DPT operate? • DPT ensures that by setting a packet size towards the jammed client equal to • The throughput with DPT for healthy clients is: • Thus: • and hence FIJI restores the throughput at the healthy clients.
How does DPT operate? • The jammed client cannot receive a higher throughput if we further decrease the packet size. • With packet size the throughput at is: • The required condition becomes: • … this is always true, hence:
Implementation • We use a prototype version of theIntel ipw2200AP driver/firmware. • We measure the data unit transmission delay per client at the AP, and from this the aggregate transmission delay. • Temporary variations of these delays are handled by using weighted moving average filtering. • We implement DPT in the Click Modular Router from MIT.
Intel-2915 Our testbed • 28 Soekris net4826 nodes • Intel 2915a/b/g cards • Omni antennas • Kernel v2.6 over NFS • We perform experiments late at night with 802.11a and g • Avoid external interference
Constant jammer implementation • We implement a user-space utility that saturates the system with broadcast UDP packets. • Deceptive jammer; back-to-back dummy packets. • We set the CCA (Clear Channel Assessment) threshold to be 0 dBm. • The card ignores all 802.11 signals during carrier sensing • We bypass the MAC back-off procedure.
Evaluating the speed of detection • Very quick detection • The client delay increases sharply in less than 700 msec • By 26 times in this experiment
Evaluating the accuracy of detection • Detecting jamming on good quality links • Typically in all of our experiments: If > 9, then FIJI can effectively detect the attack.
Evaluating the accuracy of detection • FIJI and poor quality links • Difficult to make a decision • But unlikely to be the case • Jammer want to harm the network as much as possible. • Selecting poor quality linksdoes not harm the network much. • A clever attacker will typically prefer high-quality AP->client links
Evaluating the traffic shaping module • DPT is the most fair solution
AP Jammer Jammed clients Evaluating the traffic shaping module • FIJI can easily handle scenarios with multiple jammed clients. • Here, both nodes #11 and #37 are jammed.
Evaluating the traffic shaping module • Data rate shaping techniques are not as fair as DPT
Conclusions • FIJI is able to efficiently detect the implicit jamming attack in most cases. • FIJI performs a fair and efficient throughput allocation. • Healthy clients are shielded from experiencing starvation. • Jammed clients receive as much as they can get under jamming. • Applicable with minor wireless driver/firmware updates.
Questions? • Thank you.