Skip to Main Content
Null data frames are a special but important type of frames in IEEE 802.11 based wireless local area networks (e.g., 802.11 WLANs). They are widely used for power management, channel scanning and association keeping alive. The wide applications of null data frames come from their salient features such as lightweight frame format and implementation flexibility. However, such features can be taken advantage of by malicious attackers to launch a variety of attacks. In this paper, we identify the potential security vulnerabilities in the current applications of null data frames. We then study two types of attacks taking advantage of these vulnerabilities in detail, and evaluate their effectiveness based on extensive experiments. Finally, we point out that our work has broader impact in that similar vulnerabilities exist in many other networks.