Poster. DOI: 10.1145/3603165.3607441

Traffic Hijacking in Wi-Fi Networks via ICMP Redirects

Published: 25 September 2023

Abstract

This paper uncovers a vulnerability involving identity spoofing through cross-layer interactions among Wi-Fi, IP, and ICMP protocols. The discovered vulnerability enables an off-path attacker to impersonate the Access Point (AP) of a Wi-Fi network, allowing the attacker to hijack plaintext traffic transmitted by wireless stations. We identify a design flaw in the Network Processing Units (NPUs) of widely-used chip manufacturers, which can be exploited by the attacker to spoof the AP and send ICMP redirect messages. By deceitfully mimicking a new AP within the network, the attacker successfully tricks other supplicants into believing that the attacker is a legitimate AP within the network. Consequently, the victim supplicants unknowingly forward their plaintext traffic to the attacker, leading to a successful Man-In-The-Middle (MITM) attack. Through extensive experimentation, we demonstrate that 55 popular AP routers and over 89% of real-world Wi-Fi networks are susceptible to the identified MITM attack.


Published In

ACM TURC '23: Proceedings of the ACM Turing Award Celebration Conference - China 2023
July 2023
173 pages
ISBN: 9798400702334
DOI: 10.1145/3603165
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. ICMP redirects
  2. Identity spoofing
  3. Wi-Fi hijacking

Qualifiers

  • Poster
  • Research
  • Refereed limited

Conference

ACM TURC '23
