Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Sandia fingerprinting technique demonstrates wireless device driver vulnerabilities

14.09.2006
The next time you're sipping a latte and surfing the Net at your favorite neighborhood wireless café, someone just a few seats away could be breaking into your laptop and causing irreparable damage to your computer's operating system by secretly tapping into your network card's unique device driver, researchers at Sandia National Laboratories in have concluded.

There is, however, some cheerful news. By role-playing the position of an adversary (also known as red teaming), Sandia researchers have demonstrated a unique "fingerprinting" technique that allows hackers with ill intent to identify a wireless driver without modification to or cooperation from a wireless device. Revealing this technique publicly, Sandia researchers hope, can aid in improving the security of wireless communications for devices that employ 802.11 networking.

Sandia is a National Nuclear Security Administration laboratory.

Wireless device drivers fraught with vulnerabilities

Device drivers, according to Sandia security researcher Jamie Van Randwyk, are becoming a primary source of security holes in modern operating systems. Through a laboratory-directed research grant, Van Randwyk and a team of college interns set out last year to design, implement, and evaluate a technique that has proved capable of passively identifying a wireless driver used by 802.11 wireless devices without specialized equipment and in realistic network conditions. Van Randwyk presented his team's findings last month at the USENIX Security Symposium in Vancouver, B.C.

Video and keyboard drivers are generally not exploited because of the difficulty in attaining physical access to those systems, leading some to believe that device drivers are immune to vulnerabilities. However, Van Randwyk points out, physical access is not necessary with some classes of drivers, including wireless cards, Ethernet cards, and modems.

"Wireless network drivers, in particular, are easy to interact with and potentially exploit if the attacker is within transmission range of the wireless device," says Van Randwyk. Because the IEEE 802.11 standard is the most common among today's wireless devices, he and his team chose to evaluate the ability of an attacker to launch a driver-specific exploit by first fingerprinting the device driver. Fingerprinting is a process by which a device or the software it is running is identified by its externally observable characteristics.

"Passive" approach and "probe request frames" are key

The passive approach used by Van Randwyk and his colleagues demonstrates that a fingerprinter (attacker) need only be in relatively close physical proximity of a target (victim) in order to monitor his or her wireless traffic. Anyone within transmission range of a wireless device, therefore, can conceivably fingerprint the device's wireless driver. Reconnaissance of this type is difficult to prevent since the attacker is not transmitting data, making the attack "invisible" and hard to detect.

Sandia's fingerprinting technique relies on the fact that computers with wireless configurations actively scan for access points to connect to by periodically sending out "probe request frames," of which there are no standard 802.11 specifications. Consequently, developers have created a multitude of wireless device drivers that each performs the "probe request" function differently than other wireless device drivers. Sandia's fingerprinting technique demonstrates the inherent vulnerabilities in this situation through statistical analysis of the inter-frame timing of transmitted probe requests.

Fingerprinting not a new concept

Fingerprinting an 802.11 network interface card (NIC) is not a new concept, says Van Randwyk, and many tools exist that can help identify card manufacturers and model numbers via a wireless device's Media Access Control (MAC) address. Sandia's approach, however, is more advantageous in that it fingerprints the device driver, where most exploits rest due to the driver's placement within the operating system. Additionally, the features used by the Sandia passive technique are not a configurable option in any of the drivers tested, unlike the MAC address in most operating systems.

Sandia's fingerprinting technique has proven to be highly reliable, achieving an accuracy rate ranging from 77 percent to 96 percent, depending on the network setting. Furthermore, the technique requires that only a few minutes worth of network data be collected, and tests confirm that it can withstand realistic network conditions.

The complete research paper prepared by Van Randwyk and his colleagues, "Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting," discusses the technique in detail and can be found here (132KB PDF).

Mike Janes | EurekAlert!
Further information:
http://www.sandia.gov

More articles from Information Technology:

nachricht Information integration and artificial intelligence for better diagnosis and therapy decisions
24.05.2017 | Fraunhofer MEVIS - Institut für Bildgestützte Medizin

nachricht World's thinnest hologram paves path to new 3-D world
18.05.2017 | RMIT University

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Can the immune system be boosted against Staphylococcus aureus by delivery of messenger RNA?

Staphylococcus aureus is a feared pathogen (MRSA, multi-resistant S. aureus) due to frequent resistances against many antibiotics, especially in hospital infections. Researchers at the Paul-Ehrlich-Institut have identified immunological processes that prevent a successful immune response directed against the pathogenic agent. The delivery of bacterial proteins with RNA adjuvant or messenger RNA (mRNA) into immune cells allows the re-direction of the immune response towards an active defense against S. aureus. This could be of significant importance for the development of an effective vaccine. PLOS Pathogens has published these research results online on 25 May 2017.

Staphylococcus aureus (S. aureus) is a bacterium that colonizes by far more than half of the skin and the mucosa of adults, usually without causing infections....

Im Focus: A quantum walk of photons

Physicists from the University of Würzburg are capable of generating identical looking single light particles at the push of a button. Two new studies now demonstrate the potential this method holds.

The quantum computer has fuelled the imagination of scientists for decades: It is based on fundamentally different phenomena than a conventional computer....

Im Focus: Turmoil in sluggish electrons’ existence

An international team of physicists has monitored the scattering behaviour of electrons in a non-conducting material in real-time. Their insights could be beneficial for radiotherapy.

We can refer to electrons in non-conducting materials as ‘sluggish’. Typically, they remain fixed in a location, deep inside an atomic composite. It is hence...

Im Focus: Wafer-thin Magnetic Materials Developed for Future Quantum Technologies

Two-dimensional magnetic structures are regarded as a promising material for new types of data storage, since the magnetic properties of individual molecular building blocks can be investigated and modified. For the first time, researchers have now produced a wafer-thin ferrimagnet, in which molecules with different magnetic centers arrange themselves on a gold surface to form a checkerboard pattern. Scientists at the Swiss Nanoscience Institute at the University of Basel and the Paul Scherrer Institute published their findings in the journal Nature Communications.

Ferrimagnets are composed of two centers which are magnetized at different strengths and point in opposing directions. Two-dimensional, quasi-flat ferrimagnets...

Im Focus: World's thinnest hologram paves path to new 3-D world

Nano-hologram paves way for integration of 3-D holography into everyday electronics

An Australian-Chinese research team has created the world's thinnest hologram, paving the way towards the integration of 3D holography into everyday...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Marine Conservation: IASS Contributes to UN Ocean Conference in New York on 5-9 June

24.05.2017 | Event News

AWK Aachen Machine Tool Colloquium 2017: Internet of Production for Agile Enterprises

23.05.2017 | Event News

Dortmund MST Conference presents Individualized Healthcare Solutions with micro and nanotechnology

22.05.2017 | Event News

 
Latest News

How herpesviruses win the footrace against the immune system

26.05.2017 | Life Sciences

Water forms 'spine of hydration' around DNA, group finds

26.05.2017 | Life Sciences

First Juno science results supported by University of Leicester's Jupiter 'forecast'

26.05.2017 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>