This paper examines the denial of service attacks that an 802.16 Broadband Wireless Access network is susceptible to at the physical and medium access control layers. In our threat model, we assume that the attacker is external to the network i.e. the attacker cannot associate with the network and send packets as a participant; nor can the attacker decrypt encrypted data. However, the attacker is able to analyze the unencrypted parts of the management traffic and observe the timing, size and source of traffic. Further, the attacker can send jamming signals that disrupt a specific packet and cause its contents to be discarded. In this scenario we analyze the vulnerabilities. We find that the attacker can prevent or hinder communication with little effort by disrupting certain important control packets. We detail these attacks and their effects. This analysis also suggests the mitigation techniques to be employed to reduce or eliminate such attacks. Keywords IEEE 802.16, denial of servi...
Siddharth Maru, Timothy X. Brown