Wi-Fi networks can be persuaded to lock out their
legitimate users by an "autoimmune disorder" attack, researchers at
theDefcon-16security conference will
show this week.
Researchers from
Airtight Networks
will unveil how they compromised eight different wireless networks
by persuading their security systems to lock out legitimate
users.
This is similar to autoimmune disease in humans, which occurs
when the immune system mistakenly attacks and destroys healthy body
tissue.
The presentation is about discovery of autoimmunity disorder,
which can be triggered by sending specially crafted packets to some
networks that use open source and commercial
802.11 application program (AP) systems.
The network control systems use various means to check the
validity of messages to deter distributed denial of service (DDos)
attacks. The researchers show hackers can exploit these checking
systems to fool the software into believing its legitimate users
are DDos attackers. This makes the AP turn hostile to its own
clients. The researchers will show eight examples of this at
Defcon. They will also show an example of a DoS attack against
Cisco's Management Frame Protection (MFP (11w)).
"Although the proposed standard
802.11w
promises immunity from DoS attacks, we show that autoimmunity
disorder leaves a door open through which DoS attacks can still be
launched," the researchers said.
Lead researcher Sohail Ahmad works on the mitigation of various
security aspects of IEEE 802.11w and IEEE 802.11n standards and
their implementations. He has also demonstrated the more potent
form of
Evil Twin
Attack,
"
Multipot". He discovered the
"
Caffe Latte" attack, which retrieves a wireless encryption
protocol (WEP) key from an isolated client without using its
authorised access point.