Short paper

Robyns, Pieter; Bonné, Bram; Quax, Peter; Lamotte, Wim

doi:10.1145/2627393.2627411

Cited by 11 publications

(1 citation statement)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These flaws allowed an attacker to recover the password of the wireless network even if configured with WPA3. Furthermore, researchers analyzed the security of enterprise networks and identified several weaknesses [214,215], for example, widespread security issues due to evil twin attacks [216] and poor configurations [176,217]. Denial-of-service attacks against Wi-Fi networks are ubiquitous [218,219,220], have existed since the first version of the 4-way handshake [57,59], and even affect WPA3 [4,5].…”

Section: Related Workmentioning

confidence: 99%

Towards rapid prototyping for wi-fi security research

Schepers

View full text Add to dashboard Cite

The rapid deployment of wireless networks, combined with an increasing demand for performance and security, resulted in the significant evolution of standards. Today, ) and Wi-Fi Protected Access 3 (WPA3) are the latest standard and set of security protocols. In order to enhance the security protections offered by these networks, it remains key to adopt the newest standards and promptly deprecate any old and vulnerable protocols. With this perspective, and the knowledge that early research in new protocols allows us to identify and address shortcomings before they are widely-adopted in practice, we are motivated to perform rigorous security and privacy analyses.In this dissertation, we perform an extensive wireless survey to understand and contextualize the Wi-Fi (IEEE 802.11) landscape. It allows us to gain real-world insights in the adoption rates of deprecated, recommended, and state-of-the-art protocols, and thereby identify trends and determine their security impact in practice. Based on our newfound insights, we perform a security and privacy analysis on the Temporal Key Integrity Protocol (TKIP) and Wi-Fi Fine Timing Measurement (FTM), revealing a wide-variety of sidechannels and security vulnerabilities. In order to ease and streamline our research process, and address implementation challenges faced throughout, we design a novel framework for rapid prototyping. Our framework allows one to rapidly test hypothesis on new weaknesses, implement proof-of-concepts, build on-target fuzz-testing tools, create testing suites (e.g., test if a device is vulnerable to known attacks), and automate experiments. We then demonstrate the features of our framework by means of two practical use cases. First, we perform a security analysis on the Wi-Fi Management Frame Protection (MFP) standard and its implementations, revealing numerous deauthentication vulnerabilities. Second, we analyze frame queuing mechanisms used within access points, revealing vulnerabilities which enable an adversary to bypass encryption. Finally, we release our framework for rapid prototyping to the community in order to encourage and support further security and privacy research.

show abstract

Section: Related Workmentioning

confidence: 99%

Towards rapid prototyping for wi-fi security research

Schepers

View full text Add to dashboard Cite

show abstract

Information System for Connection to the Access Point with Encryption WPA2 Enterprise

Chyrun

Kis

Rybak

2019

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions

Alotaibi

Elleithy

2016

Wireless Pers Commun

View full text Add to dashboard Cite

Wireless Local Area Networks (WLANs) are increasingly integrated into our daily lives. Access Points (APs) are an integral part of the WLAN infrastructure, as they are responsible for coordinating wireless users and connecting them to the wired side of the network and, eventually, to the Internet. APs are deployed everywhere, from airports and shopping malls to coffee shops and hospitals, to provide Internet connectivity. One of the most serious security problems encountered by WLAN users is the existence of Rogue Access Points (RAPs). This article classifies existing solutions, identifies vulnerabilities, and suggests future directions for research into these RAPs. The ultimate objective is to classify existing detection techniques and find new RAP types that have not been classified by the research community. The literature typically categorizes Evil-twin, Unauthorized, Compromised, and Improperly Configured RAPs. Two other types have largely been abandoned by researchers, but can be classified as Denial of Service RAP attacks. These are deauthentication/disassociation attacks targeting wireless users, and the forging of the first message in a four-way handshake.

show abstract

Short paper

Cited by 11 publications

References 10 publications

Towards rapid prototyping for wi-fi security research

Towards rapid prototyping for wi-fi security research

Information System for Connection to the Access Point with Encryption WPA2 Enterprise

Rogue Access Point Detection: Taxonomy, Challenges, and Future Directions

Contact Info

Product

Resources

About