Hidden Terminal based Attack, Diagnosis and Detection

Hidden Terminal based Attack, Diagnosis and Detection Yao Zhao, Leo Zhao, Yan Chen Lab for Internet & Security Tech, Northwestern Univ.

Outline • Motivation • Background on Hidden Terminal Problem • Hidden Terminal based DoS attacks in WLAN • Current Work on Diagnosis and Detection

Motivation • Hidden terminal problem is usually studied in wireless ad hoc networks • Hidden terminal problem for WLAN • HT exists in large WLAN • Limited channels: only 3 out of 11 channels are orthogonal to each other • To cover a large hotspot, hidden terminal problems may occur because of the deployment of APs • Easy to launch DoS attack to WLAN

What’s Hidden Terminal Problem • S sends a packet to D • H doesn’t know D is receiving packet and broadcast a packet to another node during S’s sending • Two packets are collided at D S D H

RTS DATA CTS ACK CTS Mitigation of HT Problem • RTS-CTS-DATA-ACK procedure • NAV is included in RTS and CTS S D H

Problem of RTS-CTS • WLAN doesn’t enable RTS-CTS by default • RTS and CTS are overhead • In single AP scenario, no HT at all since every clients only communicate with the AP • RTS-CTS cannot totally solve HT problem • A packet may not be correctly received if there’s interference whose strength is much weaker than the packet (1/10)

RTS DATA Interference CTS CTS HT Problem Still Exists • CTS can’t be received by H • H can send P to interfere with DATA S D H P

HT Problem in WLAN • Hard to deploy WLAN to avoid HT • No global deployment in some environments 3 2 2 B A 1 1 3 3 2

Example of HT in WLAN

HT based DoS • Use two laptops in ad hoc mode • Simple: no extra hardware or change of MAC needed • Powerful • Stealthy

Powerful Attack: Cover Range (1) • P~dα, α=4 (usually 2<α<4) • Packet can’t be received correctly if interfering packets’ power > 1/10 power of the packet

Powerful Attack: Cover Range (2) • AP as sender • Receivers in shaded area suffer HT problem

Conclusion on HT Based Attack • Powerful • About ½ of the coverage of an AP is affected by HT • Stealthy • The victim cannot receive packets from HT • The packets from HT are legal packets • Several factors have the same symptoms: low signals but normal noises • Long distance between AP and clients • Hidden terminal • Phone/Microwave/Bluetooth interference

Current Work on Diagnosis • Preliminary ideas: • Pre-define the coverage area • Strategic walk from different directions

Q&A Thanks!

Future Works • Identify the reason of low throughput • Long distance between AP and clients • HT problem • Phone/Microwave interference • Locate the HT • The victim cannot receive packets from HT • Triangulation approach may not work in indoor environment

Hidden Terminal based Attack, Diagnosis and Detection

Hidden Terminal based Attack, Diagnosis and Detection

Presentation Transcript

Hidden Terminal Problem and Exposed Terminal Problem in Wireless MAC Protocols

Chiller Fault Detection and Diagnosis (FDD)

Migraine Diagnosis and treatment of the attack

Consistency-Based Diagnosis

A K/N Attack-Resilient ICT Shield for SCADA Systems, with State Based Attack Detection

Social Engineering Attack Detection Model

DNA Based Diagnosis and Treatment

Scalable Network - based Buffer Overflow Attack Detection

Attack Detection and Prevention with OWASP AppSensor

Storm-scale Vortex Detection and Diagnosis

Advanced Attack Detection and Infrastructure Protection

New Methods in Attack Detection

Consistency-based diagnosis

Attack Detection in Wireless Localization

Fault Detection and Diagnosis (II)

Hidden Terminal based Attack, Diagnosis and Detection

Pain attack and panic disorder diagnosis and treatment

New Methods in Attack Detection

Consistency-Based Diagnosis

Fault Detection and Diagnosis

Intrusion Detection and Hackers Exploits IP Spoofing Attack

Heart Attack Signs, Symptoms, and Diagnosis