Testing and Improving the Correctness of Wi-Fi Frame Injection

Vanhoef, Mathy; Jiao, Xianjun; Wei, Liu; Moerman, Ingrid

doi:10.1145/3558482.3581779

Cited by 2 publications

(2 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, the attacker can transmit CSAs by forging a CSA information element inside beacon frames, probe response frames, or action frames. Some prominent examples of MC-MitM-IV attacks, including KRACK, DoS, and the latest FragAttacks, have appeared in the literature [7], [9], [12], [30]. In Section III of our previous paper [13], we thoroughly explained the technical setup, inner workings, and extensive evaluation of various MC-MitM attacks that manipulate victim's data frames, resulting in frame decryption and potential extraction of sensitive data.…”

Section: ) Improved Variantmentioning

confidence: 99%

“…Regarding the MC-MitM improved variants, the most significant attacks include FragAttacks and some extended versions of KRACK attacks. The FragAttack is the latest non-vendor-specific attack using the MC-MitM position (discovered by Vanhoef in May 2021 [9]). It exploits a set of authentication weaknesses in the fragmentation and aggregation features of IEEE 802.11 standards allowing the attackers to inject packets into encrypted Wi-Fi networks and obtain sensitive client data.…”

mentioning

confidence: 99%

See 1 more Smart Citation

A Signature-Based Wireless Intrusion Detection System Framework for Multi-Channel Man-in-the-Middle Attacks Against Protected Wi-Fi Networks

Thankappan,

Rifà-Pous,

Garrigues

2024

IEEE Access

View full text Add to dashboard Cite

One of the advanced Man-in-the-Middle (MitM) attacks is the Multi-Channel MitM (MC-MitM) attack, which is capable of manipulating encrypted wireless frames between clients and the Access Point (AP) in a Wireless LAN (WLAN). MC-MitM attacks are possible on any client no matter how the client authenticates with the AP. Key reinstallation attacks (KRACK) in 2017-18, and the latest FragAttacks in 2021 are frontline MC-MitM attacks that widely impacted millions of Wi-Fi systems, especially those with Internet of Things (IoT) devices. Although there are security patches against some attacks, they are not applicable to every Wi-Fi or IoT device. In addition, existing defense mechanisms to combat MC-MitM attacks are not feasible for two reasons: they either require severe firmware modifications on all the devices in a system, or they require the use of several advanced hardware and software for deployment. On top of that, high technical overhead is imposed on users in terms of network setup and maintenance. This paper presents the first plug-and-play system to detect MC-MitM attacks. Our solution is a lightweight, signaturebased, and centralized online passive intrusion detection system that can be easily integrated into Wi-Fi-based IoT environments without modifying any network settings or existing devices. The evaluation results show that our proposed framework can detect MC-MitM attacks with a maximum detection time of 60 seconds and a minimum TPR (true positive rate) of 90% by short-distance detectors and 85% by long-distance detectors in real Wi-Fi or IoT environments.

show abstract