Robust Detection of MAC Layer Denial-of-Service Attacks in CSMA/CA Wireless Networks

Carrier-sensing multiple-access with collision avoidance (CSMA/CA)-based networks, such as those using the IEEE 802.11 distributed coordination function protocol, have experienced widespread deployment due to their ease of implementation. The terminals accessing these networks are not owned or controlled by the network operators (such as in the case of cellular networks) and, thus, terminals may not abide by the protocol rules in order to gain unfair access to the network (selfish misbehavior), or simply to disturb the network operations (denial-of-service attack). This paper presents a robust nonparametric detection mechanism for the CSMA/CA media-access control layer denial-of-service attacks that does not require any modification to the existing protocols. This technique, based on the -truncated sequential Kolmogorov-Smirnov statistics, monitors the successful transmissions and the collisions of the terminals in the network, and determines how ldquoexplainablerdquo the collisions are given for such observations. We show that the distribution of the explainability of the collisions is very sensitive to changes in the network, even with a changing number of competing terminals, making it an excellent candidate to serve as a jamming attack indicator. Ns-2 simulation results show that the proposed method has a very short detection latency and high detection accuracy.