Hidden Terminal based Attack, Diagnosis and Detection Yao Zhao, Leo Zhao, Yan Chen Lab for Internet & Security Tech, Northwestern Univ.
Hidden Terminal based Attack, Diagnosis and Detection Yao Zhao, Leo Zhao, Yan Chen Lab for Internet & Security Tech, Northwestern Univ.
Dec 21, 2015
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Hidden Terminal based Attack, Diagnosis and Detection
Yao Zhao, Leo Zhao, Yan Chen
Lab for Internet & Security Tech, Northwestern Univ.
Outline
• Motivation
• Background on Hidden Terminal Problem
• Hidden Terminal based DoS attacks in WLAN
• Current Work on Diagnosis and Detection
Motivation
• Hidden terminal problem is usually studied in wireless ad hoc networks
• Hidden terminal problem for WLAN– HT exists in large WLAN
• Limited channels: only 3 out of 11 channels are orthogonal to each other
• To cover a large hotspot, hidden terminal problems may occur because of the deployment of APs
– Easy to launch DoS attack to WLAN
Outline
• Motivation
• Background on Hidden Terminal Problem
• Hidden Terminal based DoS attacks in WLAN
• Current Work on Diagnosis and Detection
What’s Hidden Terminal Problem
S D H
• S sends a packet to D
• H doesn’t know D is receiving packet and broadcast a packet to another node during S’s sending
• Two packets are collided at D
Mitigation of HT Problem• RTS-CTS-DATA-ACK procedure• NAV is included in RTS and CTS
S D HRTSCTS CTSDATAACK
Problem of RTS-CTS
• WLAN doesn’t enable RTS-CTS by default– RTS and CTS are overhead– In single AP scenario, no HT at all since
every clients only communicate with the AP
• RTS-CTS cannot totally solve HT problem– A packet may not be correctly received
if there’s interference whose strength is much weaker than the packet (1/10)
HT Problem Still Exists• CTS can’t be received by H• H can send P to interfere with DATA
S D HRTSCTS CTSDATA P
Interference
Outline
• Motivation
• Background on Hidden Terminal Problem
• Hidden Terminal based DoS attacks in WLAN
• Current Work on Diagnosis and Detection
• Hard to deploy WLAN to avoid HT
• No global deployment in some environments
HT Problem in WLAN
12
3
3
2
2
3
1A B
Example of HT in WLAN
HT based DoS• Use two laptops in ad hoc mode• Simple: no extra hardware or change of MAC
needed• Powerful• Stealthy
Powerful Attack: Cover Range (1)
• P~dα, α=4 (usually 2<α<4)• Packet can’t be received correctly if interferin
g packets’ power > 1/10 power of the packet
AP H1
0.56
Powerful Attack: Cover Range (2)
• AP as sender• Receivers in shaded area suffer HT
problem
AP H
x 1.78x
Conclusion on HT Based Attack
• Powerful– About ½ of the coverage of an AP is
affected by HT
• Stealthy– The victim cannot receive packets from HT– The packets from HT are legal packets– Several factors have the same symptoms:
low signals but normal noises• Long distance between AP and clients• Hidden terminal• Phone/Microwave/Bluetooth interference
Current Work on Diagnosis
• Preliminary ideas:– Pre-define the coverage area– Strategic walk from different directions
V H
Q&A
Thanks!
Future Works
• Identify the reason of low throughput – Long distance between AP and clients– HT problem– Phone/Microwave interference
• Locate the HT– The victim cannot receive packets from
HT– Triangulation approach may not work in
indoor environment
Related Documents
