NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0222:  Use of RF Jammer for DoS testing in WIDS EP

Publication Date
2017.07.27

Protection Profiles
EP_WIDS_V1.0

Other References
FAU_WID_EXT.3

Issue Description

FAU_WID_EXT.3, Test 1 requires usage of an RF Jammer to create a DoS, however, Federal Law prohibits the operation, marketing, or sale of any tipe of jamming equipment, including devices that interfere with cellular and Personal Communication Services (PCS), police radar, Global Positioning Systems (GPS), and wireless networking services (Wi-Fi).

Resolution

 

There are other requirements checking for traffic based denial of service attacks and therefore the Test for RF-based DoS is removed. The Assurance Activities for FAU_WID_EXT.3.1 are modified as follows:

TSS

The evaluator shall examine the TSS to verify that it describes the denial of service attacks that can be detected by the TOE.

Guidance

If the ability of the TOE to detect different types of denial of service attacks is configurable, the evaluator shall verify that the operational guidance provides instructions on how to specify the attack(s) that are detected.

Tests

Traffic injection based DoS

  • Test 1: Deauthentication Flood
    • Deploy whitelisted AP and configure to a set channel.
    • Connect a whitelisted EUD to the AP.
    • Send an flood of deauthentication frames to the EUD using the MAC address of whitelisted AP it is connected to.
    • Verify that the TSF detects the deauthentication flood.
    • Send an flood of deauthentication frames with the MAC address of whitelisted AP as the source and destination as a broadcast.
    • Verify that the TSF detects the deauthentication flood.
  • Test 2: Dissasociation Flood
    • Deploy whitelisted AP and configure to a set channel.
    • Connect two whitelisted EUDs to the AP.
    • Send an flood of CTS frames to reserve RF medium.
    • Verify that the TSF detects the CTS abuse.

 

 

Justification

See Resolution

 
 
Site Map              Contact Us              Home