Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Sandia fingerprinting technique demonstrates wireless device driver vulnerabilities

14.09.2006
The next time you're sipping a latte and surfing the Net at your favorite neighborhood wireless café, someone just a few seats away could be breaking into your laptop and causing irreparable damage to your computer's operating system by secretly tapping into your network card's unique device driver, researchers at Sandia National Laboratories in have concluded.

There is, however, some cheerful news. By role-playing the position of an adversary (also known as red teaming), Sandia researchers have demonstrated a unique "fingerprinting" technique that allows hackers with ill intent to identify a wireless driver without modification to or cooperation from a wireless device. Revealing this technique publicly, Sandia researchers hope, can aid in improving the security of wireless communications for devices that employ 802.11 networking.

Sandia is a National Nuclear Security Administration laboratory.

Wireless device drivers fraught with vulnerabilities

Device drivers, according to Sandia security researcher Jamie Van Randwyk, are becoming a primary source of security holes in modern operating systems. Through a laboratory-directed research grant, Van Randwyk and a team of college interns set out last year to design, implement, and evaluate a technique that has proved capable of passively identifying a wireless driver used by 802.11 wireless devices without specialized equipment and in realistic network conditions. Van Randwyk presented his team's findings last month at the USENIX Security Symposium in Vancouver, B.C.

Video and keyboard drivers are generally not exploited because of the difficulty in attaining physical access to those systems, leading some to believe that device drivers are immune to vulnerabilities. However, Van Randwyk points out, physical access is not necessary with some classes of drivers, including wireless cards, Ethernet cards, and modems.

"Wireless network drivers, in particular, are easy to interact with and potentially exploit if the attacker is within transmission range of the wireless device," says Van Randwyk. Because the IEEE 802.11 standard is the most common among today's wireless devices, he and his team chose to evaluate the ability of an attacker to launch a driver-specific exploit by first fingerprinting the device driver. Fingerprinting is a process by which a device or the software it is running is identified by its externally observable characteristics.

"Passive" approach and "probe request frames" are key

The passive approach used by Van Randwyk and his colleagues demonstrates that a fingerprinter (attacker) need only be in relatively close physical proximity of a target (victim) in order to monitor his or her wireless traffic. Anyone within transmission range of a wireless device, therefore, can conceivably fingerprint the device's wireless driver. Reconnaissance of this type is difficult to prevent since the attacker is not transmitting data, making the attack "invisible" and hard to detect.

Sandia's fingerprinting technique relies on the fact that computers with wireless configurations actively scan for access points to connect to by periodically sending out "probe request frames," of which there are no standard 802.11 specifications. Consequently, developers have created a multitude of wireless device drivers that each performs the "probe request" function differently than other wireless device drivers. Sandia's fingerprinting technique demonstrates the inherent vulnerabilities in this situation through statistical analysis of the inter-frame timing of transmitted probe requests.

Fingerprinting not a new concept

Fingerprinting an 802.11 network interface card (NIC) is not a new concept, says Van Randwyk, and many tools exist that can help identify card manufacturers and model numbers via a wireless device's Media Access Control (MAC) address. Sandia's approach, however, is more advantageous in that it fingerprints the device driver, where most exploits rest due to the driver's placement within the operating system. Additionally, the features used by the Sandia passive technique are not a configurable option in any of the drivers tested, unlike the MAC address in most operating systems.

Sandia's fingerprinting technique has proven to be highly reliable, achieving an accuracy rate ranging from 77 percent to 96 percent, depending on the network setting. Furthermore, the technique requires that only a few minutes worth of network data be collected, and tests confirm that it can withstand realistic network conditions.

The complete research paper prepared by Van Randwyk and his colleagues, "Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting," discusses the technique in detail and can be found here (132KB PDF).

Mike Janes | EurekAlert!
Further information:
http://www.sandia.gov

More articles from Information Technology:

nachricht UT professor develops algorithm to improve online mapping of disaster areas
29.11.2016 | University of Tennessee at Knoxville

nachricht New standard helps optical trackers follow moving objects precisely
23.11.2016 | National Institute of Standards and Technology (NIST)

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Novel silicon etching technique crafts 3-D gradient refractive index micro-optics

A multi-institutional research collaboration has created a novel approach for fabricating three-dimensional micro-optics through the shape-defined formation of porous silicon (PSi), with broad impacts in integrated optoelectronics, imaging, and photovoltaics.

Working with colleagues at Stanford and The Dow Chemical Company, researchers at the University of Illinois at Urbana-Champaign fabricated 3-D birefringent...

Im Focus: Quantum Particles Form Droplets

In experiments with magnetic atoms conducted at extremely low temperatures, scientists have demonstrated a unique phase of matter: The atoms form a new type of quantum liquid or quantum droplet state. These so called quantum droplets may preserve their form in absence of external confinement because of quantum effects. The joint team of experimental physicists from Innsbruck and theoretical physicists from Hannover report on their findings in the journal Physical Review X.

“Our Quantum droplets are in the gas phase but they still drop like a rock,” explains experimental physicist Francesca Ferlaino when talking about the...

Im Focus: MADMAX: Max Planck Institute for Physics takes up axion research

The Max Planck Institute for Physics (MPP) is opening up a new research field. A workshop from November 21 - 22, 2016 will mark the start of activities for an innovative axion experiment. Axions are still only purely hypothetical particles. Their detection could solve two fundamental problems in particle physics: What dark matter consists of and why it has not yet been possible to directly observe a CP violation for the strong interaction.

The “MADMAX” project is the MPP’s commitment to axion research. Axions are so far only a theoretical prediction and are difficult to detect: on the one hand,...

Im Focus: Molecules change shape when wet

Broadband rotational spectroscopy unravels structural reshaping of isolated molecules in the gas phase to accommodate water

In two recent publications in the Journal of Chemical Physics and in the Journal of Physical Chemistry Letters, researchers around Melanie Schnell from the Max...

Im Focus: Fraunhofer ISE Develops Highly Compact, High Frequency DC/DC Converter for Aviation

The efficiency of power electronic systems is not solely dependent on electrical efficiency but also on weight, for example, in mobile systems. When the weight of relevant components and devices in airplanes, for instance, is reduced, fuel savings can be achieved and correspondingly greenhouse gas emissions decreased. New materials and components based on gallium nitride (GaN) can help to reduce weight and increase the efficiency. With these new materials, power electronic switches can be operated at higher switching frequency, resulting in higher power density and lower material costs.

Researchers at the Fraunhofer Institute for Solar Energy Systems ISE together with partners have investigated how these materials can be used to make power...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

ICTM Conference 2017: Production technology for turbomachine manufacturing of the future

16.11.2016 | Event News

Innovation Day Laser Technology – Laser Additive Manufacturing

01.11.2016 | Event News

#IC2S2: When Social Science meets Computer Science - GESIS will host the IC2S2 conference 2017

14.10.2016 | Event News

 
Latest News

UTSA study describes new minimally invasive device to treat cancer and other illnesses

02.12.2016 | Medical Engineering

Plasma-zapping process could yield trans fat-free soybean oil product

02.12.2016 | Agricultural and Forestry Science

What do Netflix, Google and planetary systems have in common?

02.12.2016 | Physics and Astronomy

VideoLinks
B2B-VideoLinks
More VideoLinks >>>