Detection and mitigation of denial-of-service attacks in wireless communication networks

US9295028B2 · US · B2

Patent metadata
Field: Value
Publication number: US-9295028-B2
Application number: US-201314059414-A
Country: US
Kind code: B2
Filing date: Oct 21, 2013
Priority date: Oct 21, 2013
Publication date: Mar 22, 2016
Grant date: Mar 22, 2016


Abstract

Official abstract text for this publication.

A method that incorporates teachings of the subject disclosure may include, for example, obtaining data relating to a set of collision events on a shared channel on a wireless network according to a contention-based access protocol in which a plurality of terminals attempt to access the channel contemporaneously. A probability of collision in the channel is estimated and a probability distribution of time intervals between access attempts is generated based on the estimated probability of collision. Empirical and theoretical cumulative distribution functions for the time intervals are calculated, and compared to identify a malfunctioning terminal not operating in accordance with the protocol. Other embodiments are disclosed.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: obtaining, by a base station comprising a processor, data relating to a set of collision events on a shared channel for communicating with the base station on a wireless network according to a contention-based access protocol, wherein a plurality of terminals attempt to access the channel contemporaneously, the data comprising a first number representing a number of unsuccessful attempts to access the channel by the plurality of terminals, a second number representing a number of access attempts, and a set of time intervals between access attempts for each of the plurality of terminals, the channel being associated with a set of resource blocks; estimating, by the base station, a probability of collision in the channel based on the first number, the second number, and the protocol; generating, by the base station, a first probability distribution of the time intervals for each of the terminals, based on the estimated probability of collision; calculating, by the base station, a second probability distribution of the time intervals for each of the terminals, based on the data; calculating, by the base station, for each terminal a first cumulative distribution function and a second cumulative distribution function from the first probability distribution and the second probability distribution respectively; comparing, by the base station, the first cumulative distribution function and the second cumulative distribution function for each terminal to identify a malfunctioning terminal not operating in accordance with the protocol; responsive to determining that the base station is in a multi-antenna system and is capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, blocking the signal from the malfunctioning terminal; and responsive to determining that the base station is not in a multi-antenna system or is not capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, re-assigning the channel to a different set of resource blocks and broadcasting information regarding the re-assigning on a broadcast channel.

2. The method of claim 1, wherein the comparing step further comprises generating a test statistic based on the first cumulative distribution function and the second cumulative distribution function for each terminal, and applying a one-sided statistical goodness of fit test to the test statistic to determine a goodness of fit threshold function.

3. The method of claim 2, wherein for some time interval in the set of time intervals, the malfunctioning terminal has a second cumulative distribution function value that exceeds the threshold function.

4. The method of claim 1, wherein the comparing step further comprises determining that a given terminal is operating in accordance with the protocol, based on a determination that the second cumulative distribution function is less than or equal to the first cumulative distribution function for the terminal.

5. The method of claim 2, wherein the comparing step further comprises comparing the second cumulative distribution function and the threshold function for each terminal, and determining that a given terminal is operating in accordance with the protocol, based on a determination that the second cumulative distribution function is less than or equal to the threshold function for the terminal.

6. The method of claim 1, wherein an attempt to access the channel comprises transmission of a preamble message by a sending terminal of the plurality of terminals.

7. The method of claim 6, further comprising identifying the sending terminal based on an identifier included in the preamble message.

8. The method of claim 6, wherein the data further comprise an arrival time stamp of the preamble message, and further comprising computing, by the base station, a time interval between access attempts based on the arrival time stamp of the preamble message and an arrival time stamp of a subsequent preamble message.

9. The method of claim 1, wherein the malfunctioning terminal is identified as a source of a denial-of-service attack without information regarding a strategy for the attack.

10. A base station comprising: a memory to store instructions; and a processor coupled to the memory, wherein responsive to executing the instructions, the processor performs operations comprising: obtaining data relating to a set of collision events on a shared channel for communicating with the base station on a wireless network according to a contention-based access protocol, wherein a plurality of terminals attempt to access the channel contemporaneously, the data comprising a first number representing a number of unsuccessful attempts to access the channel by the plurality of terminals, a second number representing a number of access attempts, and a set of time intervals between access attempts for each of the plurality of terminals, the channel being associated with a set of resource blocks; estimating a probability of collision in the channel based on the first number, the second number, and the protocol; generating a first probability distribution of the time intervals for each of the terminals, based on the estimated probability of collision; calculating a second probability distribution of the time intervals for each of the terminals; calculating for each terminal a first cumulative distribution function and a second cumulative distribution function from the first probability distribution and the second probability distribution respectively; generating a test statistic based on the first cumulative distribution function and the second cumulative distribution function for each terminal; applying a one-sided statistical goodness of fit test to the test statistic to determine a goodness of fit threshold function; comparing the second cumulative distribution function and the goodness of fit threshold function for each terminal to identify a malfunctioning terminal not operating in accordance with the protocol, wherein for some time interval in the set of time intervals, the malfunctioning terminal has a second cumulative distribution function value that exceeds the threshold function; responsive to determining that the base station is in a multi-antenna system and is capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, blocking the signal from the malfunctioning terminal; and responsive to determining that the base station is not in a multi-antenna system or is not capable of estimating an angle of arrival of a signal incoming to the base station from the malfunctioning terminal, re-assigning the channel to a different set of resource blocks and broadcasting information regarding the re-assigning on a broadcast channel.

11. The base station of claim 10, wherein the operations further comprise determining that a given terminal is operating in accordance with the protocol, based on a determination that the second cumulative distribution function is less than or equal to the first cumulative distribution function for the terminal.

12. The base station of claim 10, wherein the operations further comprise comparing the second cumulative distribution function and the threshold function for each terminal, and determining that a given terminal is operating in accordance with the protocol, based on a determination that the second cumulative distribution function is less than or equal to the threshold function for the terminal.

13. The base station of claim 10, wherein an attempt to access the chann
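
An added example, not part of the patent text or of this page's source: a sketch of the comparison described in the abstract and in claims 1 to 5, flagging a terminal whose empirical interval CDF rises above the theoretical CDF by more than a one-sided goodness-of-fit margin. The backoff model (W0, STAGES, stage weights), the ratio estimator for the collision probability, the Kolmogorov-Smirnov style margin and the terminal names are all assumptions; the text on this page specifies none of them.

```python
import math

W0, STAGES = 16, 2  # assumed: initial backoff window (slots) and number of doublings

def theoretical_cdf(t, p):
    """F0(t) under the assumed model: backoff uniform on [0, W0*2^k) at
    stage k, with stage k weighted in proportion to p^k."""
    weights = [p ** k for k in range(STAGES + 1)]
    total = sum(weights)
    return sum(w / total * min(t / (W0 * 2 ** k), 1.0) for k, w in enumerate(weights))

def one_sided_statistic(intervals, p):
    """D+ = max over t of (empirical CDF - F0), evaluated at the sample points."""
    xs = sorted(intervals)
    n = len(xs)
    return max((i + 1) / n - theoretical_cdf(x, p) for i, x in enumerate(xs))

def threshold(n, alpha):
    """One-sided margin from the approximation P(D+ > eps) ~ exp(-2 n eps^2)."""
    return math.sqrt(math.log(1.0 / alpha) / (2.0 * n))

def flag_terminals(observations, unsuccessful, attempts, alpha=0.01):
    """Return ids whose empirical CDF exceeds F0 + margin somewhere."""
    p = unsuccessful / attempts  # assumed estimator of the collision probability
    return sorted(tid for tid, iv in observations.items()
                  if one_sided_statistic(iv, p) > threshold(len(iv), alpha))

def compliant_sample(p, n_stage0=40):
    """Constructed data: evenly spaced backoff values drawn from each stage."""
    out = []
    for k in range(STAGES + 1):
        count = max(1, round(n_stage0 * p ** k))
        out += [(j + 0.5) / count * W0 * 2 ** k for j in range(count)]
    return out

OBSERVATIONS = {  # constructed inter-attempt intervals per terminal, in slots
    "ue-compliant": compliant_sample(0.5),
    "ue-slow": [60.0] * 70,                  # waits longer than the protocol asks
    "ue-aggressive": [1.0, 2.0, 3.0] * 20,   # retries far sooner than backoff allows
}

if __name__ == "__main__":
    print(flag_terminals(OBSERVATIONS, unsuccessful=50, attempts=100))
```

Because the test is one-sided, the slow terminal is not flagged: only intervals that are too short push the empirical CDF above the theoretical one.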

Classifications

  • Resource management for broadcast services · CPC title

  • Random access procedures, e.g. with 4-step access · CPC title

  • Locating users or terminals {or network equipment} for network management purposes, e.g. mobility management · CPC title

  • H04W68/00 · Primary

    User notification, e.g. alerting and paging, for incoming communication, change of service or the like · CPC title

  • Event detection, e.g. attack signature detection · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
At & T Ip I Lp
What technology area does this patent fall under?
Primary CPC classification H04W74/0833. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 22, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).