Document Server@UHasselt >
Research >
Research publications >

Please use this identifier to cite or link to this item: http://hdl.handle.net/1942/19047

Title: Injection attacks on 802.11n MAC frame aggregation
Authors: ROBYNS, Pieter
QUAX, Peter
Issue Date: 2015
Publisher: ACM
Citation: Proceedings of the 8th ACM Conference on Security & Privacy in Wireless and Mobile Networks
Abstract: The ability to inject packets into a network is known to be an important tool for attackers: it allows them to exploit or probe for potential vulnerabilities residing on the connected hosts. In this paper, we present a novel practical methodology for injecting arbitrary frames into wireless networks, by using the Packet-In-Packet (PIP) technique to exploit the frame aggregation mechanism introduced in the 802.11n standard. We show how an attacker can apply this methodology over a WAN -- without physical proximity to the wireless network and without requiring a wireless interface card. The practical feasibility of our injection method is then demonstrated through a number of proof-of-concept attacks. More specifically, in these proof-of-concepts we illustrate how a host scan can be performed on the network, and how beacon frames can be injected from a remote location. We then both analytically and experimentally estimate the success rate of these attacks in a realistic test setup. Finally, we present several defensive measures that network administrators can put in place in order to prevent exploitation of our frame injection methodology.
URI: http://hdl.handle.net/1942/19047
Link to publication: https://robyns.me/docs/robyns2015injection.pdf
DOI: 10.1145/2766498.2766513
ISBN: 9781450336239
Category: C1
Type: Proceedings Paper
Validation: vabb, 2018
Appears in Collections: Research publications

Files in This Item:

Description SizeFormat
Published version479.21 kBAdobe PDF
Proof of Peer review273.49 kBAdobe PDF
Peer-reviewed author version1.14 MBAdobe PDF

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.