Reverse Engineering and Evaluating the Apple Wireless Direct Link Protocol

Stute, Milan; Kreitschmann, David; Hollick, Matthias

doi:10.1145/3351422.3351432

Cited by 3 publications

(4 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, there is a lack of highly usable approaches to sufficiently protect identification and private information in protocol executions, especially for privacy-concerned parties. A survey [4] showed that about 90% users considered the exposure of device names from wireless network services as a privacy risk, as such exposure may lead to adversarial inference of users' private information such as mobility patterns, profiles, and locations [5], [6], [7], [8]. For instance, in public Wi-Fi, ISP could easily identify a person via the announced device names [9].…”

Section: Introductionmentioning

confidence: 99%

PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications

Yang,

Deng,

Yang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Service discovery is essential in wireless communications. However, existing service discovery protocols provide no or very limited privacy protection for service providers and clients, and they often leak sensitive information (e.g., service type, client's identity and mobility pattern), which leads to various network-based attacks (e.g., spoofing, man-in-the-middle, identification and tracking). In this paper, we propose a private service discovery protocol, called PriSrv, which allows a service provider and a client to respectively specify a fine-grained authentication policy that the other party must satisfy before a connection is established. PriSrv consists of a private service broadcast phase and an anonymous mutual authentication phase with bilateral control, where the private information of both parties is hidden beyond the fact that a mutual match to the respective authentication policy occurred. As a core component of PriSrv, we introduce the notion of anonymous credentialbased matchmaking encryption (ACME), which exerts duallayer matching in one step to simultaneously achieve bilateral flexible policy control, selective attribute disclosure and multishow unlinkability. As a building block of ACME, we design a fast anonymous credential (FAC) scheme to provide constant size credentials and efficient show/verification mechanisms, which is suitable for privacy-enhanced and highly usable service discovery in wireless networks.We present a concrete PriSrv protocol that is interoperable with popular wireless communication protocols, such as Wi-Fi Extensible Authentication Protocol (EAP), mDNS, BLE and Airdrop, to offer privacy-enhanced protection. We present formal security proof of our protocol and evaluate its performance on multiple hardware platforms: desktop, laptop, mobile phone and Raspberry Pi. PriSrv accomplishes private discovery and secure connection in less than 0.973 s on the first three platforms, and in less than 2.712 s on Raspberry Pi 4B. We also implement PriSrv into IEEE 802.1X in the real network to demonstrate its practicality.

show abstract

Section: Introductionmentioning

confidence: 99%

PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications

Yang,

Deng,

Yang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

show abstract

“…Protocol reverse analysis can be divided into two types: binary analysis of protocol implementation [12][13][14][15] and statistic analysis of unknown protocol traffic [16][17][18][19], which are realized by analyzing the program code of the communication entity program and the protocol message field, respectively.…”

Section: Introductionmentioning

confidence: 99%

Unsupervised Binary Protocol Clustering Based on Maximum Sequential Patterns

Shi¹,

Ye²,

Li³

et al. 2022

Computer Modeling in Engineering &Amp; Sciences

View full text Add to dashboard Cite

With the rapid development of the Internet, a large number of private protocols emerge on the network. However, some of them are constructed by attackers to avoid being analyzed, posing a threat to computer network security. The blockchain uses the P2P protocol to implement various functions across the network. Furthermore, the P2P protocol format of blockchain may differ from the standard format specification, which leads to sniffing tools such as Wireshark and Fiddler not being able to recognize them. Therefore, the ability to distinguish different types of unknown network protocols is vital for network security. In this paper, we propose an unsupervised clustering algorithm based on maximum frequent sequences for binary protocols, which can distinguish various unknown protocols to provide support for analyzing unknown protocol formats. We mine the maximum frequent sequences of protocol message sets in bytes. And we calculate the fuzzy membership of the protocol message to each maximum frequent sequence, which is based on fuzzy set theory. Then we construct the fuzzy membership vector for each protocol message. Finally, we adopt K-means++ to split different types of protocol messages into several clusters and evaluate the performance by calculating homogeneity, integrity, and Fowlkes and Mallows Index (FMI). Besides, the clustering algorithms based on Needleman-Wunsch and the fixed-length prefix are compared with the algorithm presented in this paper. Compared with these traditional clustering methods, we demonstrate a certain improvement in the clustering performance of our work.

show abstract

“…The attacker records relevant BTC and BLE packets and their timestamps. This might include public keys for Apple Find My, RP Is from Exposure Notification, and user identifiers [159]. We also assume that the attacker is able to retrieve public information for each of the considered systems.…”

Section: Attacker Model: Abusing Btc+ble Timing Informationmentioning

confidence: 99%

“…These apps can potentially link the BDADDR to any information they have about the user. Recent works [159,160] demonstrated that other BLE-based Apple protocols such as AWDL, AirDrop and Nearby Action can reveal user identifiers such as hostnames, email hashes and phone number hashes. In case of hostname, the study revealed that about 75% of these hostnames contain the user's first or last name or both.…”

Section: Privacy Implications Of the Attackmentioning

confidence: 99%

Securing wireless communications from the PHY up: a low-layer protocol approach for privacy, security, and resilience

Ludant

View full text Add to dashboard Cite

Sirma for the great moments shared together during these years. I would also like to thank my friends back home, whom have continued supporting me and encouraging me during these years, and I would like to thank the Gym for keeping me mentally sane when I was doubting myself, and for giving me the mental strength to keep going.I want to thank my family for their unconditional love and support and dedicate this dissertation to them. They have always been an inspiration for me due to their hard work, and I will be always grateful for all the sacrifices they did for me to be able to pursue what I want in life. Lastly, I want to thank the best life partner I could have asked for, Chaima, for her support and love during these years, and for making me smile everyday even when I was going through tough times.4 User-Privacy Leakages in 5G Resource Scheduling Information 4.1 Essential Background Towards a 5G Sniffer .

show abstract

Reverse Engineering and Evaluating the Apple Wireless Direct Link Protocol

Cited by 3 publications

References 3 publications

PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications

PriSrv: Privacy-Enhanced and Highly Usable Service Discovery in Wireless Communications

Unsupervised Binary Protocol Clustering Based on Maximum Sequential Patterns

Securing wireless communications from the PHY up: a low-layer protocol approach for privacy, security, and resilience

Contact Info

Product

Resources

About