Detection and prevention of de-authentication attack in real-time scenario

Abstract

Wireless Local Area Network (WLAN) is an infrastructure network in which nodes are connected to a centralized system to provide Internet access to mobile users by radio waves. But WLANs are vulnerable to Medium Access Control (MAC) layer Denial of Service (DoS) attacks due to the susceptibility of the management frames. An attacker can spoof the MAC address of the legitimate client and perform de-authentication attack to disconnect WLANs users from the access point. Many free tools are available in Kali Linux Operating System (OS) by which this attack can be performed and cause a security threat to WLAN users. The consequences of de-authentication DoS attack are frequent disconnection from Internet, traffic redirection, man-in-the-middle attack, and congestion. Despite enormous efforts in combating de-authentication DoS attack in the past decade, this attack is still a serious threat to the security of the cyber world. Medium Access Control Spoof Detection and Prevention (MAC SDP) DoS algorithm performs detection and prevention of de-authentication attack caused by spoofing MAC address. This algorithm is modified to make it more immune to the de-authentication attack and implemented in real-time scenario. The results show that the proposed technique increases the packet flow rate by 20.36%, reduces the packet loss by 95.71%, and reduces the down time and recovery time by 0.39 sec and 0.9 sec respectively as compared to MAC SDP DoS algorithm.