Cascading Denial of Service Attacks on Wi-Fi Networks

TL;DR

This paper reveals a vulnerability in Wi-Fi networks that enables cascading DoS attacks exploiting hidden nodes, demonstrated through experiments, simulations, and a dynamical systems model predicting critical parameters for attack propagation.

Contribution

It uncovers a new Wi-Fi vulnerability enabling cascading DoS attacks without protocol violations, supported by empirical, simulation, and theoretical analysis.

Findings

Cascading DoS attacks can congest entire Wi-Fi networks.

The attack is effective across different Wi-Fi modes and bit rates.

A phase transition occurs when the retry limit is ≥7, enabling cascading attacks.

Abstract

We unveil the existence of a vulnerability in Wi-Fi, which allows an adversary to remotely launch a Denial-of-Service (DoS) attack that propagates both in time and space. This vulnerability stems from a coupling effect induced by hidden nodes. Cascading DoS attacks can congest an entire network and do not require the adversary to violate any protocol. We demonstrate the feasibility of such attacks through experiments with real Wi-Fi cards, extensive ns-3 simulations, and theoretical analysis. The simulations show that the attack is effective both in networks operating under fixed and varying bit rates, as well as ad hoc and infrastructure modes. To gain insight into the root-causes of the attack, we model the network as a dynamical system and analyze its limiting behavior. The model predicts that a phase transition (and hence a cascading attack) is possible when the retry limit parameter of Wi-Fi is greater or equal to 7, and explicitly characterizes the phase transition region in terms of the system parameters.