Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

George:

advertisement 
A Preliminary Study of the Effects of Microwave Radiation on 802.11 Wireless
Networks
Bill Hodge
EECS Department
University of California at Berkeley
Draft
1-19-2004
The 802.11 wireless frames are extremely susceptible to external microwave radiation
and can be the target for DoS attacks. Therefore, it would be very useful to be able to
determine if a microwave jamming DoS attack was occurring and then possibly reroute
traffic around the affected area. An algorithm would have to be able to distinguish the
difference between an intentional microwave DoS attack from normal network
congestion. This draft outlines the preliminary results of the study.
Jamming microwave radiation is not selective and therefore has the potential to corrupt
all of the different type of MAC frames (control, management and data frames). In
normal congestion, the MAC layer attempts to avoid collisions by giving each flow in the
collision domain equal access probability to the wireless channel. (but not equal share).
Therefore we would expect the relative number of collisions in normal congestion to be
less than in a DoS attack. In addition, there are probably other differences because the
mechanism for frame corruption is different in the two cases.
A simple but powerful method to monitor the contention window and retransmissions in
a collision domain is to capture the MAC frames via a wireless frame sniffer and plot the
inter-frame arrival time verse frame number. The inter-frame arrival time is measured by
the difference in the timestamp between the data packet and the previous frame.
The above figure displays the inter-frame arrival time verses frame number for a flow
from PC1 to PC2 both running Linux with Orinoco Gold wireless cards. Iperf generates a
1500 byte UDP flow from PC1 to PC2. The throughput was approximately 5.5 Mb/s. The
Linux sniffer PC, with a Linksys WPC11 wireless card captures 802.11b MAC frames
using Ethereal. The plot clearly shows the initial backoff contention window. The spread
in time is approximately 600 microseconds, which is close to 31 slots times 20
microseconds = 620 microseconds. The shortest delay is approximately 1.6 mS and can
be approximately accounted for taken into account the transmission time for the PLCP
preamble and PLCP header (192 bits at 1Mb/s), the MAC Header, LLC header, IP header
and the UDP header (512 bits at 11Mb/s) plus the transmission time of a 1534 byte
payload plus checksum at 11Mb/s. After you add in the 50 microsecond DIFS you get 1.4
mS. This simple calculation is off by about 200 microseconds (probably due to other
unaccounted processing time).
The following figure depicts a timing diagram of the contention window in 802.11b
networks. The backoff time is divided into slots of 20 microseconds each (for 802.11b).
A random number chosen between 0 and 31 determines the initial back off interval. (32
slots) After a failed transmission, the number of slots is doubled until a maximum is
reached. This behavior is responsible for the sharp edges in the plot of the inter-frame
arrival time verses frame number.
A conventional microwave oven was used to generate the jamming microwave radiation
as depicted in the following figure. In this experiment, the PCs ran Windows 2000 and
used Linksys wireless cards. One of the PCs was positioned so the wireless card was
slightly underneath the front of the microwave oven. The other PCs were approximately 7
feet from the microwave. This setup is not optimum because at these distances the
microwave potentially has an effect on all of the PCs.
The plot of inter-frame arrival time verses frame number then displays bands that
correspond to the initial attempt, as well as the first and second retransmission attempts.
The first band corresponds to the initial attempt to transmit a frame and is from 1.6ms to
2.2ms (.600ms wide – approximately 32 slots), the second band is from 1.6ms to 2.8ms
(1.2ms wide – approximately 64 slots). The third band extends to about 5ms and does not
match up as nicely with the estimation for the width of the third transmission band.
Retransmission seems to stop after 3 retransmission attempts. There is an addition band,
which extends from about 13ms to about 15.5ms, which is a bit puzzling. A microwave
oven operates with a period of 16.67 microseconds, so it is tempting to assign it to the
periodic nature of the emission of microwave ovens. However, the structure also shows
up in congestion experiments not involving microwave radiation.
I am still in the process of reducing inter-frame arrival time measurements involving
multiple flows with and without microwave radiation.
Related documents
Rally Quiz
Rally Quiz
Microwave radio transmission is commonly used in point-to
Microwave radio transmission is commonly used in point-to
Microwave method
Microwave method
3.3 B Notes: Venn Diagrams and Properties of Set Operations The
3.3 B Notes: Venn Diagrams and Properties of Set Operations The
a microwave frequency source for upper band
a microwave frequency source for upper band
Download
advertisement