A Software-Defined Testbed for Quantifying Deauthentication Resilience in Modern Wi-Fi Networks

TL;DR

This paper presents a software-defined testbed to evaluate Wi-Fi network resilience against deauthentication attacks, demonstrating the effectiveness of management-frame protection in modern security configurations.

Contribution

We developed a flexible testbed for controlled experiments on Wi-Fi security configurations, providing empirical evidence of deauthentication attack vulnerabilities and protections.

Findings

Open, WPA1, and WPA2 without PMF are vulnerable to deauthentication.

WPA2 with PMF and WPA3 resist deauthentication attacks under tested conditions.

Management-frame protection significantly enhances Wi-Fi security against DoS attacks.

Abstract

Wi-Fi deauthentication attacks remain a practical denial-of-service (DoS) threat by exploiting unprotected management frames to disrupt client connectivity. In this work, we introduce a software-defined testbed to measure Wi-Fi resilience to deauthentication attacks. We experimentally evaluate five wireless security configurations: open networks, WPA1, WPA2 without Protected Management Frames (PMF), WPA2 with PMF, and WPA3. Using controlled experiments, we measure client disconnection rates, packet injection volume, and time-to-disruption under each configuration. Packet-level behavior is analyzed using standard wireless auditing tools. Open networks, WPA1, and WPA2 without PMF proved entirely vulnerable to deauthentication, while no successful attacks were observed for WPA2 with PMF or WPA3 under tested conditions. These findings confirm the effectiveness of management-frame protection and highlight the continued risk posed by legacy or misconfigured wireless deployments.