Disassociation attack definition
Disassociation attack refers to a type of denial of service (DoS) attack on a wireless network. In this attack, the attacker sends disassociation packets to the client and the access point, or the router. These packets are designed to appear as if they come from each other.
In a WiFi network, a disassociation packet is a normal part of the communication protocol, used to cleanly break the connection between a device and the network. When an attacker abuses this feature and sends disassociation packets, it can cause the device to disconnect from the network. If the attacker continually sends these packets, it can effectively keep the device disconnected and cause a denial of service.
Disassociation attack prevention
- WPA3. Using the latest WiFi Protected Access version provides robust authentication methods that are difficult to spoof.
- MAC filtering. While not foolproof, limiting which MAC addresses can connect to your network can provide some protection against disassociation attacks.
- SSID hiding. You can also hide your SSID (Service Set Identifier), or simply, the name of your network. While some techniques would still allow the attacker to find out your SSID, hiding it may prevent them from even trying.
- Network monitoring. Companies monitor network logs regularly to check for any unusual activities or multiple disconnection events which can indicate a disassociation attack.