Observer Analyzer : Observer Analyzer : Expert Analysis : Wireless Expert Explanations : Wireless DOS authentication flood attack on station
Wireless DOS authentication flood attack on station
Possible reasons for the event:
The rate of stations requesting AP authentication has exceeded the threshold, which could indicate that a DoS-type attack is underway. In such an attack, a malicious user floods the AP with authentication requests, spoofing MAC addresses to make it appear as if many different stations are requesting authentication.
"Roaming" stations can cause a similar pattern of deauthentications as described in a).