Analysis of Deauthentication Attack on IEEE 802.11 Connectivity Based on IoT Technology Using External Penetration Test




Deauthentication Attack, Internet of Things (IoT), External Penetration Test


The research aims to know the level of security of WiFi connectivity against deauthentication attacks on Internet of Things (IoT)-based devices. It is done through testing using an external penetration test method. The external penetration test simulates a real external attack without information about the target system and network given. The process starts from accessing the device through Internet or WiFi by the test target. At the same time, the attacker performs Denial-of-Service (DoS) attacks onWiFi. The attacker uses Arduino ESP8266 NodeMCU WiFi with Lua programming. To record WiFi activities, the researchers use CommView for WiFi V. 7.0, and the target is Internet Protocol (IP) camera device. The result shows that the communication of the test target with the gateway is lost, but the Media Access Control (MAC) of the test target is still registered at the gateway. Deauthentication attacks cause communication paralysis, and several changes occur, such as an increase in data rate, and change in frequency channel, Distribution System (DS) status, retry bits in frame management, and the sequence number.


Plum Analytics

Author Biographies

Yogi Kristiyanto, Gunadarma University

Management Information System Department

Ernastuti Ernastuti, Gunadarma University

Computer Science Department, Faculty of Computer Science and Information Engineering


R. M. Andrade, R. M. Carvalho, I. L. de Ara´ujo, K. M. Oliveira, and M. E. Maia, “What changes from ubiquitous computing to Internet of Things in interaction evaluation?” in International Conference on Distributed, Ambient, and Pervasive Interactions. Vancouver, BC, Canada: Springer, July 9–14, 2017, pp. 3–21.

A. Efe, E. Aks¨oz, N. Hanecio˘glu, and S¸ . N. Yalman, “Smart security of IoT against DDOS attacks,” International Journal of Innovative Engineering Applications, vol. 2, no. 2, pp. 35–43, 2018.

E. Oriwoh and G. Williams, “Internet of Things: The argument for smart forensics,” in Handbook of research on digital crime, cyberspace security, and information assurance. USA: IGI Global, 2015, pp. 407–423.

P. Thornycroft. (2016) Wi-Fi access for the Internet of Things can be complicated. [Online]. Available:

M. Bogdanoski, P. Latkoski, and A. Risteski, “Analysis of the impact of AuthRF and AssRF attacks on IEEE 802.11e-based access point,” Mobile Networks and Applications, vol. 22, no. 5, pp. 834–843, 2017.

M. A. Razzaq, S. H. Gill, M. A. Qureshi, and S. Ullah, “Security issues in the Internet of Things (IoT): A comprehensive study,” International Journal of Advanced Computer Science and Applications (IJACSA), vol. 8, no. 6, pp. 383–388, 2017.

C. Liu and J. Qiu, “Performance study of 802.11 w for preventing DoS attacks on wireless local area networks,” Wireless Personal Communications, vol. 95, no. 2, pp. 1031–1053, 2017.

J. Milliken, V. Selis, K. M. Yap, and A. Marshall, “Impact of metric selection on wireless deauthentication DoS attack performance,” IEEE Wireless Communications Letters, vol. 2, no. 5, pp. 571–574, 2013.

H. A. Abdul-Ghani, D. Konstantas, and M. Mahyoub, “A comprehensive IoT attacks survey based on a building-blocked reference model,” (IJACSA) International Journal of Advanced Computer Science and Applications, vol. 9, no. 3, pp. 355–373, 2018.

T. Khalil, “IoT security against DdoS attacks using machine learning algorithms,” International Journal of Scientific and Research Publications, vol. 7, no. 6, pp. 739–741, 2017.

M. Alamanni, Kali Linux wireless penetration testing essentials. UK: Packt Publishing, 2015.

Course Technology Cengage learning, Penetration testing procedures & methodologies. USA: Nelson Education, Ltd., 2011.

H. Ikasamo. (2018) ESP8266/ESP32 connect WiFi made easy. [Online]. Available:



Abstract 2164  .
PDF downloaded 1505  .