The most defense you can do:
Limit range of single
Limit direction of signals (between the two devices)
Turn off SSID broadcasting
Use mac address filtering
Turn off your client device when you aren't using it (no client, nothing he can do)
All this requires no new any things.
With new stuff you could do some thing like detect when the network is been flooded with ARP requests then turn off wireless on the router. This could be done with a snort rule or similar. Of course, then it's basically a DoS on your self, so perhaps not the best solution.
The ultimate solution: Get some thing you can install DDWRT on, use it as a bridge between WPA2 wireless and wired ethernet. I assume your box thing has a ethernet port.