Table 1 Wireless DoS attacks prevention schemes
From: Protected control packets to prevent denial of services attacks in IEEE 802.11 wireless networks
Authors | Method | Strategy | Weaknesses |
|---|---|---|---|
Rachedi and Benslimane (2008) [1] | Cryptographic | Add transmitter address to CTS and ACK packets; authentication using hmac-MD5 or hmac-sha1 of 80-160b | The model is incapable of preventing replay attacks and contention-free DoS attacks |
Khan and Hasan (2008) [2] | Cryptographic | Change CRC-32 to CRC-16 and use PRF-16 from hmac-sha1 | The model has three drawbacks: modifying CRC which is used for all other types of packets, short security field, and inability to prevent replay attacks |
Bicakci and Tavli (2009) [3] | Cryptographic | Symmetric algorithm to encrypt/hash function to authenticate the CP | The model does not specify the symmetric encryption or authentication algorithms |
Qureshi et al. (2008) [19] | Cryptographic | Encryption using PRF-160 bits | The model only protects polling CP while still DoS attacks are possible using other types of CP |
Chen et al. (2007) [20] | Detection | DoS attacks detection using CUSUM | The model only detects RTS and CTS DoS attacks while incapable of detecting DoS using other CP. Besides it is unable to prevent the DoS attacks |
Detection | Keep track of statistical distribution pattern of CP when a uniform pattern only belongs to attacker | The model provides only detection while unable to prevent the DoS attacks | |
Zhang et al. (2008) [23] | Detection | ENAV to give enough time to sender of data fame to receive ACK packet | The model only protects ACK packet while DoS attack is possible by other types of CP |
Negi and Rajeswaran (2005) [24] | Validation | Introduce a new packet called CTSR to revoke the NAV if no data is sensed after RTS or CTS transmission | Unprotected new CTSR frame causes a new DoS attacks itself. Besides, the model is not able to prevent DoS attacks using other types of CP |
Chen et al. (2003) [25] | Validation | Two timers as RTS-DATA and CTS-ACK to check reception of data and ACK packets, respectively | The model is incapable of preventing DoS attacks using contention-free CP |
Bellardo and Savage (2003) [26] | Validation | Place limit on duration value of CP: ACK duration must be zero, discarding RTS if data frames is not sensed, ignoring isolated CTS packets | The model does not specify prevention of contention-free DoS attacks. Besides ignoring CTS packets while they may belong to hidden nodes can significantly degrade wireless network performance |