Clear channel assessment attack

A clear channel assessment attack or Queensland attack is a physical layer DoS attack against Wi-Fi networks. The attack exploits the need of a wireless network to receive the "clear channel assessment", a function within CSMA/CA that determines whether the wireless medium is ready and able to receive data, so that the transmitter may start sending it. The attack makes it appear that the airwaves are busy, so stations keep deferring their transmissions, which puts the entire system on hold.

The attack works only on 802.11b, and is not effective on the OFDM-based protocols 802.11g and 802.11a. However, some hybrid 802.11b/g access points will hinder the 802.11g network when the 802.11b network is attacked.[1]

Discovery

The attack was discovered by researchers at Queensland University of Technology's Information Security Research Center.[2] The name "Queensland attack" thus comes from its original discoverers.

In practice

The signal telling the system that the airwaves are busy is sent through the attacker's NIC, by placing it in continuous transmit mode. The attack can be set up through the use of Intersil's Prism Test Utility (PrismTestUtil322.exe). To execute the attack properly, a high-power NIC and external antenna are required.
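
From the defender's side, the condition described above (a medium that is sensed busy while almost no frames are exchanged) can be watched for on a monitoring station. The following is an added example, not part of the original article: the counter layout, thresholds, function names and sample values are assumptions made for illustration.

```python
from typing import List, Optional, Tuple

# One snapshot = cumulative per-channel counters in ms: (active, busy, rx, tx).
# Assumption: the sensor exposes counters like those printed by Linux
# `iw dev <iface> survey dump` (channel active/busy/receive/transmit time).
Snapshot = Tuple[int, int, int, int]

BUSY_RATIO = 0.95     # assumed: medium sensed busy for >= 95% of the interval
DECODED_RATIO = 0.10  # assumed: <= 10% of the busy time is decodable frames
MIN_INTERVALS = 3     # assumed: consecutive suspicious intervals before alerting

def interval_stats(prev: Snapshot, cur: Snapshot) -> Optional[Tuple[float, float]]:
    """Return (busy/active, decoded/busy) for one interval, None if unusable."""
    active, busy = cur[0] - prev[0], cur[1] - prev[1]
    decoded = (cur[2] - prev[2]) + (cur[3] - prev[3])
    if active <= 0 or busy < 0 or decoded < 0:  # counter reset or wrap
        return None
    # An idle medium is not suspicious, so report it as fully "decoded".
    return busy / active, (decoded / busy if busy else 1.0)

def detect_cca_hold(snapshots: List[Snapshot]) -> Optional[int]:
    """Index of the snapshot at which the alert fires, or None."""
    streak = 0
    for i in range(1, len(snapshots)):
        stats = interval_stats(snapshots[i - 1], snapshots[i])
        suspicious = (stats is not None and stats[0] >= BUSY_RATIO
                      and stats[1] <= DECODED_RATIO)
        streak = streak + 1 if suspicious else 0
        if streak >= MIN_INTERVALS:
            return i
    return None

# Constructed samples, one snapshot per second.
BUSY_LEGIT = [(0, 0, 0, 0), (1000, 960, 700, 250), (2000, 1930, 1400, 500),
              (3000, 2900, 2150, 720), (4000, 3870, 2850, 980)]
HELD = [(0, 0, 0, 0), (1000, 300, 200, 80), (2000, 1290, 210, 80),
        (3000, 2288, 212, 80), (4000, 3287, 212, 80), (5000, 4286, 212, 80)]

if __name__ == "__main__":
    print("legitimate load:", detect_cca_hold(BUSY_LEGIT))
    print("held channel:", detect_cca_hold(HELD))
```

A sustained alert only says that the medium is busy without decodable traffic, which non-802.11 interference can also cause, so it is a prompt for a spectrum check rather than proof of an attack.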

References