1 / 18

Hidden Terminal based Attack, Diagnosis and Detection

Hidden Terminal based Attack, Diagnosis and Detection. Yao Zhao , Leo Zhao, Yan Chen. Lab for Internet & Security Tech, Northwestern Univ. Outline. Motivation Background on Hidden Terminal Problem Hidden Terminal based DoS attacks in WLAN Current Work on Diagnosis and Detection. Motivation.

xaviera-vaughan
Download Presentation

Hidden Terminal based Attack, Diagnosis and Detection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hidden Terminal based Attack, Diagnosis and Detection Yao Zhao, Leo Zhao, Yan Chen Lab for Internet & Security Tech, Northwestern Univ.

  2. Outline • Motivation • Background on Hidden Terminal Problem • Hidden Terminal based DoS attacks in WLAN • Current Work on Diagnosis and Detection

  3. Motivation • Hidden terminal problem is usually studied in wireless ad hoc networks • Hidden terminal problem for WLAN • HT exists in large WLAN • Limited channels: only 3 out of 11 channels are orthogonal to each other • To cover a large hotspot, hidden terminal problems may occur because of the deployment of APs • Easy to launch DoS attack to WLAN

  4. Outline • Motivation • Background on Hidden Terminal Problem • Hidden Terminal based DoS attacks in WLAN • Current Work on Diagnosis and Detection

  5. What’s Hidden Terminal Problem • S sends a packet to D • H doesn’t know D is receiving packet and broadcast a packet to another node during S’s sending • Two packets are collided at D S D H

  6. RTS DATA CTS ACK CTS Mitigation of HT Problem • RTS-CTS-DATA-ACK procedure • NAV is included in RTS and CTS S D H

  7. Problem of RTS-CTS • WLAN doesn’t enable RTS-CTS by default • RTS and CTS are overhead • In single AP scenario, no HT at all since every clients only communicate with the AP • RTS-CTS cannot totally solve HT problem • A packet may not be correctly received if there’s interference whose strength is much weaker than the packet (1/10)

  8. RTS DATA Interference CTS CTS HT Problem Still Exists • CTS can’t be received by H • H can send P to interfere with DATA S D H P

  9. Outline • Motivation • Background on Hidden Terminal Problem • Hidden Terminal based DoS attacks in WLAN • Current Work on Diagnosis and Detection

  10. HT Problem in WLAN • Hard to deploy WLAN to avoid HT • No global deployment in some environments 3 2 2 B A 1 1 3 3 2

  11. Example of HT in WLAN

  12. HT based DoS • Use two laptops in ad hoc mode • Simple: no extra hardware or change of MAC needed • Powerful • Stealthy

  13. Powerful Attack: Cover Range (1) • P~dα, α=4 (usually 2<α<4) • Packet can’t be received correctly if interfering packets’ power > 1/10 power of the packet

  14. Powerful Attack: Cover Range (2) • AP as sender • Receivers in shaded area suffer HT problem

  15. Conclusion on HT Based Attack • Powerful • About ½ of the coverage of an AP is affected by HT • Stealthy • The victim cannot receive packets from HT • The packets from HT are legal packets • Several factors have the same symptoms: low signals but normal noises • Long distance between AP and clients • Hidden terminal • Phone/Microwave/Bluetooth interference

  16. Current Work on Diagnosis • Preliminary ideas: • Pre-define the coverage area • Strategic walk from different directions

  17. Q&A Thanks!

  18. Future Works • Identify the reason of low throughput • Long distance between AP and clients • HT problem • Phone/Microwave interference • Locate the HT • The victim cannot receive packets from HT • Triangulation approach may not work in indoor environment

More Related