Abstract

IEEE 802.11 Beacon frames exist at the forefront of modern Wi-Fi networks and facilitate a wide array of essential network functionality, from discovery to time synchronization and even transmit power control. However, the central role Beacon frames play in initial network advertisement comes at the price of incomplete security guarantees, leaving these frames historically vulnerable to forgery and granting significant leverage over proximal wireless devices to a malicious actor that can effectively spoof them. With the publication of IEEE Std 802.11-2020, beacon protection was introduced to enable the authentication of received Beacon frames, placating most concerns. However, beacon protection is not a perfect solution, and cannot protect against beacon forgery perpetrated by an insider of the wireless network. As the risk of insider attack paces the growing threat from nation-state-backed cyber actors, the need has never been greater to strengthen the resiliency of wireless networks to malicious and compromised insiders. Focusing on Beacon frames in particular, this thesis sets the stage with a review of their context within a wireless network, then explores critical elements of their history, including important related work conducted by the security community. The argument is made for improving Beacon frame protection to address insider threats, and supported by the development and testing of a covert channel to demonstrate that malicious, real-time manipulation of Beacon frames is both possible and practical. The covert channel is a novel contribution developed from scratch and open-sourced to facilitate further research, based on the known ability to spoof Beacon frames with custom transmit power limits. Lastly, Enhanced Beacon Protection is proposed: a unique expansion of beacon protection designed to prevent insider forgeries while maintaining full backward compatibility and maximum efficiency.

Library of Congress Subject Headings

IEEE 802.11 (Standard)--Security measures; Wireless LANs--Security measures; Cyberterrorism--Prevention

Publication Date

5-14-2025

Document Type

Thesis

Student Type

Graduate

Degree Name

Cybersecurity (MS)

Department, Program, or Center

Cybersecurity, Department of

College

Golisano College of Computing and Information Sciences

Advisor

Bill Stackpole

Advisor/Committee Member

Thomas J. Borrelli

Advisor/Committee Member

Sumita Mishra

Campus

RIT – Main Campus

Plan Codes

COMPSEC-MS

Share

COinS