UC San Diego

In 1985, the Federal Communications Commission & quot;opened" a range of radio frequencies called the Industrial Scientific and Medical band. For the first time anyone could transmit high-speed data wirelessly without a license and with minimal regulatory restrictions. Building on this opportunity, the IEEE's 802.11 protocol enabled cheap untethered access to nearby wired networks and ultimately transformed how millions of businesses, governments, and casual computer-users access the Internet. However, the designers of 802.11 did not anticipate the magnitude of their success, and thus the protocol is hard-pressed to meet many of the new demands placed on it. In particular, 802.11's decentralized management structure poses unique challenges for both security and performance. This dissertation focuses on two key instances of these problems: denial-of-service and channel efficiency. In 802.11, each wireless client implements the media access control protocol (MAC) to share the common radio medium more effectively while maintaining the decentralized design of the protocol. Additionally, each client implicitly trusts that the other clients are faithful in their MAC implementation. Under these best-case circumstances the protocol operates as designed, however, nothing prevents a client from abusing this trust. In this work I evaluate two of the more critical abuses of trust, both of which result in a denial -of-service attack where a well-behaved client is denied access to the wireless medium. In addition, I propose defense mechanisms that successfully protect the networks while preserving the decentralized nature of 802.11. The desire to efficiently use all available radio channels arises because typical deployments have many more access points and clients than they do channels. This creates a high degree of contention for a limited resource. The decentralized nature of 802.11 exosborates [sic] this issue because each access point makes a locally greedy channel decision even though the aggregate of the local decisions does not yield a global optimum. To that end I propose and evaluate a number of different automated channel selection policies and synchronization techniques using a large, real world testbed, identifying the current best practice and quantifying its performance improvement