Layer 1 DoS Attacks - 0 views
-
wirednetworks wirednetworks on 11 Aug 09A particularly troublesome issue for Wi-Fi security is the denial of service (DoS) attack. In a DoS attack, the goal of the attacker is not to penetrate or steal data from the network it is simply to disable the network. For mission-critical systems, this is a serious security concern. If the WLAN goes down, then any application or network resource being accessed through the WLAN is now no longer available. The wireless VoIP phone conversation comes to an abrupt end, communications with your database server are no longer possible, and wireless access to an Internet gateway has been closed. Many denial of service attacks exist at layer 2 and occur when an attacker manipulates information in the layer 2 header of an 802.11 management frame and then retransmits the edited frames into a wireless environment with some sort of packet generator. Numerous published layer 2 DoS attacks exist. The most common is achieved by manipulating de-authentication or disassociation management frames. Currently, layer 2 DoS attacks cannot easily be prevented, but can be easily detected. The 802.11w Task Group is addressing methods to also prevent many layer 2 DoS attacks. This method has been driven by Cisco's Management Frame Protection under the Unified Wireless vision. In the meantime, wireless intrusion detection systems can detect and locate the radio card that is the source of a layer 2 DoS attack. But denial of service attacks to wireless networks can even more easily occur at layer 1 in the RF environment. Layer 1 DoS attacks are a result of radio frequency interference interference. 802.11 WLAN radio cards use a medium access method called carrier sense multiple access/collision avoidance (CSMA/CA). This medium access method ensures that only one single radio card is transmitting at any given time in the half-duplex radio frequency medium. Part of the CSMA protocol is the clear channel assessment (CCA).
