Researchers from North Carolina State University have developed a way to measure how badly a Wi-Fi network would be disrupted by different types of attacks – a valuable tool for developing new security technologies.
“This information can be used to help us design more effective security systems, because it tells us which attacks – and which circumstances – are most harmful to Wi-Fi systems,” says Dr. Wenye Wang, an associate professor of electrical and computer engineering at NC State and co-author of a paper describing the research.
Wi-Fi networks, which allow computer users to access the Internet via radio signals, are commonplace – found everywhere from offices to coffee shops. And, increasingly, Wi-Fi networks are important channels for business communication. As a result, attacks that jam Wi-Fi networks, blocking user access, are not only inconvenient but have significant economic consequences.
Wang and her team examined two generic Wi-Fi attack models. One model represented persistent attacks, where the attack continues non-stop until it can be identified and disabled. The second model represented an intermittent attack, which blocks access on a periodic basis, making it harder to identify and stop. The researchers compared how these attack strategies performed under varying conditions, such as with different numbers of users.
After assessing the performance of the models, the researchers created a metric called an “order gain” to measure the impact of the attack strategies in various scenarios. Order gain compares the probability of an attacker having access to the Wi-Fi network to the probability of a legitimate user having access to the network. For example, if an attacker has an 80 percent chance of accessing the network, and other users have the other 20 percent, the order gain would be 4 – because the attackers odds of having access are 4 to 1.
This metric is important because a Wi-Fi network can only serve once computer at a time, and normally functions by rapidly cycling through multiple requests. Attacks work by giving the attacker greater access to the network, which effectively blocks other users.
“If we want to design effective countermeasures,” Wang says, “we have to target the attacks that can cause the most disruption. It’s impossible to prevent every conceivable attack.” So, one suggestion the researchers have is for countermeasures to focus on continuous attacks that target networks with large numbers of users – because that scenario has the largest order gain. Beyond that, network security professionals can use the new approach to assess a complicated range of potential impacts that vary according to type of attack and number of users.
The paper, “Modeling and Evaluation of Backoff Misbehaving Nodes in CSMA/CA-based Wireless Networks,” is forthcoming from IEEE Transactions on Mobile Computing and was co-authored by NC State Ph.D. student Zhuo Lu and Dr. Cliff Wang of the U.S. Army Research Office (ARO). The research was funded by the National Science Foundation and ARO.
Note to Editors: The study abstract follows.
“Modeling and Evaluation of Backoff Misbehaving Nodes in CSMA/CA-based Wireless Networks”
Authors: Zhuo Lu, Wenye Wang, North Carolina State University; Cliff Wang, U.S. Army Research Office
Published: forthcoming, IEEE Transactions on Mobile Computing
Abstract: Backoff misbehavior, in which a wireless node deliberately manipulates its backoff time, can induce significant network problems, such as severe unfairness and denial-of-service. Although great progress has been made towards the design of countermeasures to backoff misbehavior, little attention has been focused on quantifying the gain of backoff misbehaviors. In this paper, to assess the gain that misbehaving nodes can obtain, we define and study two general classes of backoff misbehavior: continuous misbehavior, which keeps manipulating the backoff time unless it is disabled by countermeasures, and intermittent misbehavior, which tends to evade the detection of countermeasures by performing misbehavior sporadically. Our approach is to introduce a new performance metric, namely order gain, to characterize the performance benefits of misbehaving nodes in comparison to legitimate nodes in CSMA/CA-based wireless networks. We derive the order gains of both continuous and intermittent misbehaviors and further investigate the relation between our metric, order gain, and the throughput gain for a misbehaving node. We show that in IEEE 802.11 networks, the throughput ratio of a backoff misbehaving node to a legitimate node is either bounded above or proportional to the number of legitimate nodes. We use both simulations and experiments to validate our theoretical analysis and to further demonstrate the impact of a wide range of backoff misbehaviors on network performance in CSMA/CA-based wireless networks.