Detecting and reducing the denial of Service attacks in WLANs

Wireless LANs are susceptible to Denial of Service (DoS) attacks. None of the existing wireless security protocols considers protection against them. We propose a novel scheme that detects and reduce DoS attacks in the WLANs. The scheme is based on random number rate control mechanism. It utilizes delegation concept for authentication at the Access Point (AP). Under flooding DoS, AP is unable to verify large number of client authentication requests. It hence, forwards optional message containing hash to the Authentication Server (AS). AS verifies the hash and sends response back to AP, thereby detecting DoS attack. The attack impact at the AP is reduced by dropping the attack packets while selecting the legitimate one. The scheme protects AS from DoS as hash calculations for detection of DoS are done once only. Scheme also prevents against legacy authentication/association and deauthentication/disassociation flooding DoS attacks.