Detecting Selfish Configurations in 802.11 WLANs

Lately, there has been an increase in the number of IEEE 802.11 devices that provide users with the ability to modify the MAC parameters or do not conform to the standard specification. This increases the risk of having a WLAN with selfish stations that, through the CSMA/CA parameters, obtain a larger share of the resources at the expense of well-behaved users. In this letter we propose a mechanism to detect these selfish stations that, unlike previous approaches, is not based on heuristics nor makes any assumption about radio conditions.European Community's Seventh Framework ProgramPublicad

Detection of selfish manipulation of carrier sensing in 802.11 networks

Recently, tuning the clear channel assessment (CCA) threshold in conjunction with power control has been considered for improving the performance of WLANs. However, we show that, CCA tuning can be exploited by selfish nodes to obtain an unfair share of the available bandwidth. Specifically, a selfish entity can manipulate the CCA threshold to ignore ongoing transmissions; this increases the probability of accessing the medium and provides the entity a higher, unfair share of the bandwidth. We experiment on our 802.11 testbed to characterize the effects of CCA tuning on both isolated links and in 802.11 WLAN configurations. We focus on AP-client(s) configurations, proposing a novel approach to detect this misbehavior. A misbehaving client is unlikely to recognize low power receptions as legitimate packets; by intelligently sending low power probe messages, an AP can efficiently detect a misbehaving node. Our key contributions are: 1) We are the first to quantify the impact of selfish CCA tuning via extensive experimentation on various 802.11 configurations. 2) We propose a lightweight scheme for detecting selfish nodes that inappropriately increase their CCAs. 3) We extensively evaluate our system on our testbed; its accuracy is 95 percent while the false positive rate is less than 5 percent. © 2012 IEEE

Thwarting Selfish Behavior in 802.11 WLANs

The 802.11e standard enables user configuration of several MAC parameters, making WLANs vulnerable to users that selfishly configure these parameters to gain throughput. In this paper we propose a novel distributed algorithm to thwart such selfish behavior. The key idea of the algorithm is for honest stations to react, upon detecting a selfish station, by using a more aggressive configuration that penalizes this station. We show that the proposed algorithm guarantees global stability while providing good response times. By conducting a game theoretic analysis of the algorithm based on repeated games, we also show its effectiveness against selfish stations. Simulation results confirm that the proposed algorithm optimizes throughput performance while discouraging selfish behavior. We also present an experimental prototype of the proposed algorithm demonstrating that it can be implemented on commodity hardware.Comment: 14 pages, 7 figures, journa

Real-Time Misbehavior Detection in IEEE 802.11e Based WLANs

The Enhanced Distributed Channel Access (EDCA) specification in the IEEE 802.11e standard supports heterogeneous backoff parameters and arbitration inter-frame space (AIFS), which makes a selfish node easy to manipulate these parameters and misbehave. In this case, the network-wide fairness cannot be achieved any longer. Many existing misbehavior detectors, primarily designed for legacy IEEE 802.11 networks, become inapplicable in such a heterogeneous network configuration. In this paper, we propose a novel real-time hybrid-share (HS) misbehavior detector for IEEE 802.11e based wireless local area networks (WLANs). The detector keeps updating its state based on every successful transmission and makes detection decisions by comparing its state with a threshold. We develop mathematical analysis of the detector performance in terms of both false positive rate and average detection rate. Numerical results show that the proposed detector can effectively detect both contention window based and AIFS based misbehavior with only a short detection window.Comment: Accepted to IEEE Globecom 201

Protecting 802.11-Based Wireless Networks From SCTS and JACK Attacks

The convenience of IEEE 802.11-based wireless access networks has led to widespread deployment. However, these applications are predicated on the assumption of availability and confidentiality. Error-prone wireless networks afford an attacker considerable flexibility to exploit the vulnerabilities of 802.11-based mechanism. Two of most famous misbehaviors are selfish and malicious attacks. In this thesis we investigate two attacks: Spurious CTS attack (SCTS) and Jamming ACK attack (JACK). In the SCTS, malicious nodes may send periodic Spurious CTS packets to force other nodes to update their NAV values and prevent them from using the channel. In the JACK, an attacker ruins legitimate ACK packets for the intention of disrupting the traffic flow and draining the battery energy of victim nodes quickly. Correspondingly, we propose solutions: termed Carrier Sensing based Discarding (CSD), and Extended Network Allocation Vector (ENAV) scheme. We further demonstrate the performance of our proposed schemes through analysis and NS2 simulations

Protecting 802.11-Based Wireless Networks From SCTS and JACK Attacks

The convenience of IEEE 802.11-based wireless access networks has led to widespread deployment. However, these applications are predicated on the assumption of availability and confidentiality. Error-prone wireless networks afford an attacker considerable flexibility to exploit the vulnerabilities of 802.11-based mechanism. Two of most famous misbehaviors are selfish and malicious attacks. In this thesis we investigate two attacks: Spurious CTS attack (SCTS) and Jamming ACK attack (JACK). In the SCTS, malicious nodes may send periodic Spurious CTS packets to force other nodes to update their NAV values and prevent them from using the channel. In the JACK, an attacker ruins legitimate ACK packets for the intention of disrupting the traffic flow and draining the battery energy of victim nodes quickly. Correspondingly, we propose solutions: termed Carrier Sensing based Discarding (CSD), and Extended Network Allocation Vector (ENAV) scheme. We further demonstrate the performance of our proposed schemes through analysis and NS2 simulations

Thwarting selfish behavior in 802.11 WLANs

The 802.11e standard enables user configuration of several MAC parameters, making WLANs vulnerable to users that selfishly configure these parameters to gain throughput. In this paper, we propose a novel distributed algorithm to thwart such selfish behavior. The key idea of the algorithm is for stations to react, upon detecting a misbehavior, by using a more aggressive configuration that penalizes the misbehaving station. We show that the proposed algorithm guarantees global stability while providing good response times. By conducting an analysis of the effectiveness of the algorithm against selfish behaviors, we also show that a misbehaving station cannot obtain any gain by deviating from the algorithm. Simulation results confirm that the proposed algorithm optimizes throughput performance while discouraging selfish behavior. We also present an experimental prototype of the proposed algorithm demonstrating that it can be implemented on commodity hardware.This work was supported by the European Community under the CROWD Project FP7-ICT-318115 and the Centro Universitario de la Defensa under Project CUD2013-05

A novel cheater and jammer detection scheme for IEEE 802.11-based wireless LANs

The proliferation of IEEE 802.11 networks has made them an easy and attractive target for malicious devices/adversaries which intend to misuse the available network. In this paper, we introduce a novel malicious entity detection method for IEEE 802.11 networks. We propose a new metric, the Beacon Access Time (BAT), which is employed in the detection process and inherits its characteristics from the fact that beacon frames are always given preference in IEEE 802.11 networks. An analytical model to define the aforementioned metric is presented and evaluated with experiments and simulations. Furthermore, we evaluate the adversary detection capabilities of our scheme by means of simulations and experiments over a real testbed. The simulation and experimental results indicate consistency and both are found to follow the trends indicated in the analytical model. Measurement results indicate that our scheme is able to correctly detect a malicious entity at a distance of, at least, 120 m. Analytical, simulation and experimental results signify the validity of our scheme and highlight the fact that our scheme is both efficient and successful in detecting an adversary (either a jammer or a cheating device). As a proof of concept, we developed an application that when deployed at the IEEE 802.11 Access Point, is able to effectively detect an adversary. (C) 2015 Elsevier B.V. All rights reserved.Postprint (author's final draft