Protecting Against A-MSDU Attacks in Mesh Networks

may 2025 n.w
1 / 9
Embed
Share

This submission discusses a defense mechanism to detect and mitigate A-MSDU attacks within mesh networks, focusing on the A-MSDU Present subfield manipulation. It addresses the security issues arising from unauthorized changes to the QoS control field and presents adopted mitigations to safeguard network integrity.

  • Mesh Networks
  • Network Security
  • A-MSDU Attacks
  • IEEE 802.11
  • Mitigation
rayaanacharya
ble_b Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. May 2025 doc.: IEEE 802.11-24/948r0 Protecting against A-MSDU Attacks in Mesh Networks Date: 2025-05-13 Authors: Name Mathy Vanhoef Affiliations KU Leuven Address Celestijnenlaan 200a, 3000 Heverlee, Belgium Phone email Mathy.Vanhoef@kuleuven.be Submission Slide 1 Mathy Vanhoef, KU Leuven

  2. May 2025 doc.: IEEE 802.11-24/948r0 Abstract This submission proposes a defense to detect when a malicious outsider changes the A-MSDU Present subfield to 1 inside a mesh BSS (MBSS). This mitigates certain attacks in case signaling and payload protected A-MSDUs (SPP A-MSDUs) are not being used. Submission Slide 2 Mathy Vanhoef, KU Leuven

  3. May 2025 doc.: IEEE 802.11-24/948r0 Background: FragAttacks CVE-2020-24588 A-MSDU Present subfield in the QoS control field not authenticated. Adversary could inject arbitrary frames by changing this subfield to 1 of specially crafted encrypted frames. Ideal solution: mandate Signaling and Payload Protected A-MSDUs (SPP A-MSDUs). But required devices updates and has compatibility issues. Extra adopted mitigation: detect if an outsider turned an MSDU into an A- MSDU, i.e., detect if the the A-MSDU Present subfield in the QoS Control field was changed from 0 to 1. Submission Slide 3 Mathy Vanhoef, KU Leuven

  4. May 2025 doc.: IEEE 802.11-24/948r0 Adopted mitigation: details Example MSDU (top) turned into an A-MSDU in a nonmesh BSS (bottom): Mitigation: detect attack by comparing the destination address of the first A-MSDU subframe to AA:AA:03:00:00:00 (= start of RFC1042 header) This mitigation was added in the submission On A-MSDU addressing : https://mentor.ieee.org/802.11/dcn/21/11-21-0816-03-000mon-a-msdu- addressing.docx Submission Slide 4 Mathy Vanhoef, KU Leuven

  5. May 2025 doc.: IEEE 802.11-24/948r0 Mitigation fails in mesh networks In a mesh BSS, all MSDUs start with a 6-byte Mesh Control field, followed by an optional and variable-length Mess Address Extension field, and only then the RFC1042 header: Submission Slide 5 Mathy Vanhoef, KU Leuven

  6. May 2025 doc.: IEEE 802.11-24/948r0 Mitigation fails in mesh networks Bottom: bytes parsed as an A-MSDU Mitigation: on reception of A-MSDU, determine where RFC1042 would have started if parsed as MSDU, and drop if equal to AA-AA-03-00-00-00. Submission Slide 6 Mathy Vanhoef, KU Leuven

  7. May 2025 doc.: IEEE 802.11-24/948r0 Proposed wording for mitigation in MBSS: let M be the value of the two least significant bits of the first octet of the first A-MSDU subframe header, then if M is not equal to 3, the six octets at offset (6 + M 6) measured from the first octet of the first A-MSDU subframe header shall not be AA-AA-03-00-00-00 Submission Slide 7 Mathy Vanhoef, KU Leuven

  8. Month Year doc.: IEEE 802.11-24/948r0 Questions / comments? Submission Slide 8 Mathy Vanhoef, KU Leuven

  9. May 2025 doc.: IEEE 802.11-24/948r0 References - 802.11me/D7.0 - Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation. In USENIX Security Symposium, 2021. Permanently stored in ISBN 978-1-939133-24-3 at pages 161 to 178. Submission Slide 9 Mathy Vanhoef, KU Leuven

Related


Elevating Security with Tata Wiron_ Karimulla Group, the Authorised Distributor in Tirupati(05.04.2024)

Elevating Security with Tata Wiron_ Karimulla Group, the Authorised Distributor in Tirupati(05.04.2024)

Suresh
Elevating Security with Tata Wiron_ Karimulla Group, the Authorised Distributor

Elevating Security with Tata Wiron_ Karimulla Group, the Authorised Distributor

Suresh
Computer Networks: Basics, Components, and Topologies

Computer Networks: Basics, Components, and Topologies

corey
Exploring the impact of automated indexing on completeness of MeSH terms

Exploring the impact of automated indexing on completeness of MeSH terms

rupert
Mesh and Star Network Topologies

Mesh and Star Network Topologies

amias
The General Data Protection Regulation (GDPR) and Data Protection Bill

The General Data Protection Regulation (GDPR) and Data Protection Bill

helena
IEEE 802.11be MLD Architecture Discussion

IEEE 802.11be MLD Architecture Discussion

madison
IEEE Std. 802.11-22/1017r0 Overview and Architecture Presentation

IEEE Std. 802.11-22/1017r0 Overview and Architecture Presentation

jewel
Groundskeeping Safety and Personal Protective Equipment Training

Groundskeeping Safety and Personal Protective Equipment Training

ives
Incidence of Mesh Fractures in Open Ventral Hernia Repair with Mediumweight Polypropylene Mesh

Incidence of Mesh Fractures in Open Ventral Hernia Repair with Mediumweight Polypropylene Mesh

esti
Hastelloy Wire Mesh Durable and Reliable

Hastelloy Wire Mesh Durable and Reliable

nickelwiremesh
IEEE 802.11-17-1728-01-000m: Frame Body Capture Effect Study

IEEE 802.11-17-1728-01-000m: Frame Body Capture Effect Study

choudhury_c
Microservices and Service Mesh in Modern Cloud Architecture

Microservices and Service Mesh in Modern Cloud Architecture

kborm
Overview of MAAD MAC Address Designation Scheme for IEEE 802.11-22/1650r4

Overview of MAAD MAC Address Designation Scheme for IEEE 802.11-22/1650r4

rini_lyn
REFLUX AFTER SLEEVE GASTRECTOMY AND HIATUS HERNIA REPAIR; REFLUX AFTER SLEEVE GASTRECTOMY AND HIATUS HERNIA REPAIR; A STUDY OF SUTURE AND MESH REPAIRS. A STUDY OF SUTURE AND MESH REPAIRS.

REFLUX AFTER SLEEVE GASTRECTOMY AND HIATUS HERNIA REPAIR; REFLUX AFTER SLEEVE GASTRECTOMY AND HIATUS HERNIA REPAIR; A STUDY OF SUTURE AND MESH REPAIRS. A STUDY OF SUTURE AND MESH REPAIRS.

medidoc
Unstructured Mesh Family Contribution by Pointwise in AIAA SciTech Workshop

Unstructured Mesh Family Contribution by Pointwise in AIAA SciTech Workshop

butt_a
Reflux After Sleeve Gastrectomy and Hiatus Hernia Repair: Suture vs. Mesh Study

Reflux After Sleeve Gastrectomy and Hiatus Hernia Repair: Suture vs. Mesh Study

wal_lon
Nichrome Wire Mesh Ideal for High-Heat Applications

Nichrome Wire Mesh Ideal for High-Heat Applications

nickelwiremesh
High-Strength Hastelloy Wire Mesh for Critical Applications

High-Strength Hastelloy Wire Mesh for Critical Applications

nickelwiremesh
Promoting Universal Social Protection for Better Housing

Promoting Universal Social Protection for Better Housing

suriyabr
Analysis of Mesh Types in Contaminated Ventral Hernia Repair

Analysis of Mesh Types in Contaminated Ventral Hernia Repair

medidoc
Mesh-Current Circuit Analysis Method

Mesh-Current Circuit Analysis Method

haca

More Related Content