Conference
Wireless Network Security
About: Wireless Network Security is an academic conference. The conference publishes majorly in the area(s): Computer science & Android (operating system). Over the lifetime, 545 publications have been published by the conference receiving 14497 citations.
Topics: Computer science, Android (operating system), Wireless sensor network, Authentication, Wireless network
Papers published on a yearly basis
Papers
16 Apr 2012
TL;DR: The investigation indicates the symbiotic relationship between embedded ad libraries and host apps is one main reason behind these exposed risks, and clearly shows the need for better regulating the way ad libraries are integrated in Android apps.
Abstract: In recent years, there has been explosive growth in smartphone sales, which is accompanied with the availability of a huge number of smartphone applications (or simply apps). End users or consumers are attracted by the many interesting features offered by these devices and the associated apps. The developers of these apps are also benefited by the prospect of financial compensation, either by selling their apps directly or by embedding one of the many ad libraries available on smartphone platforms. In this paper, we focus on potential privacy and security risks posed by these embedded or in-app advertisement libraries (henceforth "ad libraries," for brevity). To this end, we study the popular Android platform and collect 100,000 apps from the official Android Market in March-May, 2011. Among these apps, we identify 100 representative in-app ad libraries (embedded in 52.1% of them) and further develop a system called AdRisk to systematically identify potential risks. In particular, we first decouple the embedded ad libraries from host apps and then apply our system to statically examine the ad libraries, ranging from whether they will upload privacy-sensitive information to remote (ad) servers or whether they will download untrusted code from remote servers. Our results show that most existing ad libraries collect private information: some of them may be used for legitimate targeting purposes (i.e., the user's location) while others are hard to justify by invasively collecting the information such as the user's call logs, phone number, browser bookmarks, or even the list of installed apps on the phone. Moreover, additional ones go a step further by making use of an unsafe mechanism to directly fetch and run code from the Internet, which immediately leads to serious security risks. Our investigation indicates the symbiotic relationship between embedded ad libraries and host apps is one main reason behind these exposed risks. These results clearly show the need for better regulating the way ad libraries are integrated in Android apps.
562 citations
16 Mar 2009
TL;DR: In this article, the authors describe two attacks on IEEE 802.11 based wireless LANs: improved key recovery attack on WEP, which reduces the average number of packets an attacker has to intercept to recover the secret key, and dictionary attack when a weak pre-shared key is used.
Abstract: In this paper, we describe two attacks on IEEE 802.11 based wireless LANs. The first attack is an improved key recovery attack on WEP, which reduces the average number of packets an attacker has to intercept to recover the secret key. The second attack is (according to our knowledge) the first practical attack on WPA secured wireless networks, besides launching a dictionary attack when a weak pre-shared key (PSK) is used. The attack works if the network is using TKIP to encrypt the traffic. An attacker, who has about 12-15 minutes access to the network is then able to decrypt an ARP request or response and send 7 packets with custom content to network.
299 citations
14 Jun 2011
TL;DR: This work demonstrates that flexible and reliable software-defined reactive jamming is feasible by designing and implementing a reactive jammer against IEEE 802.15.4 networks and identifies the causes of loss at the physical layer of 802.
Abstract: In this work, we take on the role of a wireless adversary and investigate one of its most powerful tools---radio frequency jamming. Although different jammer designs are discussed in the literature, reactive jamming, i.e., targeting only packets that are already on the air, is generally recognized as a stepping stone in implementing optimal jamming strategies. The reason is that, while destroying only selected packets, the adversary minimizes its risk of being detected. One might hope for reactive jamming to be too challenging or uneconomical for an attacker to conceive and implement due to its strict real-time requirements. Yet, in this work we disillusion from such hopes as we demonstrate that flexible and reliable software-defined reactive jamming is feasible by designing and implementing a reactive jammer against IEEE 802.15.4 networks. First, we identify the causes of loss at the physical layer of 802.15.4 and show how to achieve the best performance for reactive jamming. Then, we apply these insights to our USRP2-based reactive jamming prototype, enabling a classification of transmissions in real-time, and reliable and selective jamming. The prototype achieves a reaction time in the order of microseconds, a high precision (such as targeting individual symbols), and a 97.6% jamming rate in realistic indoor scenarios for a single reactive jammer, and over 99.9% for two concurrent jammers.
286 citations
22 Mar 2010
TL;DR: The feasibility of performing impersonation attacks on the modulation-based and transient-based fingerprinting techniques are studied to improve access control in wireless networks, revent device cloning and complement message authentication protocols.
Abstract: Physical-layer identification of wireless devices, commonly referred to as Radio Frequency (RF) fingerprinting, is the process of identifying a device based on transmission imperfections exhibited by its radio transceiver. It can be used to improve access control in wireless networks, revent device cloning and complement message authentication protocols. This paper studies the feasibility of performing impersonation attacks on the modulation-based and transient-based fingerprinting techniques. Both techniques are vulnerable to impersonation attacks; however, transient-based techniques are more difficult to reproduce due to the effects of the wireless channel and antenna in their recording process. We assess the feasibility of performing impersonation attacks by extensive measurements as well as simulations using collected data from wireless devices. We discuss the implications of our findings and how they affect current device identification techniques and related applications.
277 citations
31 Mar 2008
TL;DR: The main idea is to introduce carefully chosen dummy traffic to hide the real event sources in combination with mechanisms to drop dummy messages to prevent explosion of network traffic.
Abstract: Sensors deployed to monitor the surrounding environment report such information as event type, location, and time when a real event of interest is detected. An adversary may identify the real event source through eavesdropping and traffic analysis. Previous work has studied the source location privacy problem under a local adversary model. In this work, we aim to provide a stronger notion: event source unobservability, which promises that a global adversary cannot know whether a real event has ever occurred even if he is capable of collecting and analyzing all the messages in the network at all the time. Clearly, event source unobservability is a desirable and critical security property for event monitoring applications, but unfortunately it is also very difficult and expensive to achieve for resource-constrained sensor network.Our main idea is to introduce carefully chosen dummy traffic to hide the real event sources in combination with mechanisms to drop dummy messages to prevent explosion of network traffic. To achieve the latter, we select some sensors as proxies that proactively filter dummy messages on their way to the base station. Since the problem of optimal proxy placement is NP-hard, we employ local search heuristics. We propose two schemes (i) Proxy-based Filtering Scheme (PFS) and (ii) Tree-based Filtering Scheme (TFS) to accurately locate proxies. Simulation results show that our schemes not only quickly find nearly optimal proxy placement, but also significantly reduce message overhead and improve message delivery ratio. A prototype of our scheme was implemented for TinyOS-based Mica2 motes.
230 citations
Performance Metrics
| Year | Papers |
|---|---|
| 2023 | 35 |
| 2022 | 36 |
| 2021 | 45 |
| 2020 | 30 |
| 2019 | 60 |
| 2018 | 40 |