Preventing wireless deauthentication attacks over 802.11 Networks

TL;DR

This paper investigates deauthentication attacks on 802.11 wireless networks and proposes a session management system to verify and prevent malicious deauthentication frames, enhancing network security against DoS attacks.

Contribution

It introduces a novel session management approach to authenticate deauthentication frames, effectively preventing spoofed DoS attacks on wireless networks.

Findings

The proposed system successfully detects and blocks malicious deauthentication frames.

Implementation results show improved resilience against deauthentication attacks.

The method maintains normal network operations while enhancing security.

Abstract

The objective of this paper is to investigate a special Denial of Service (DoS) attack against 802.11 wireless networks. This attack is known as the Deauthentication / Disassociation attack which is launched against 802.11-based wireless networks. When a client needs to disconnect from the wireless access point, it sends special frames known as deauthentication or disassociation frames. Due to being encrypted, these frames do not require an authenticated user. Hence, an attacker can craft these frames and send them to the access point in such a way that the access point assumes the frames to be coming from the client and not the attacker. In this paper, an efficient solution is proposed to prevent deauthentication attack by using a session management system used to then verify deauthentication frames.