More Web Proxy on the site http://driver.im/

research-article

One Billion Apples' Secret Sauce: Recipe for the Apple Wireless Direct Link Ad hoc Protocol

Authors:

David Kreitschmann,

Matthias HollickAuthors Info & Claims

MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and Networking

Pages 529 - 543

https://doi.org/10.1145/3241539.3241566

Published: 15 October 2018 Publication History

Abstract

Apple Wireless Direct Link (AWDL) is a proprietary and undocumented IEEE 802.11-based ad hoc protocol. Apple first introduced AWDL around 2014 and has since integrated it into its entire product line, including iPhone and Mac. While we have found that AWDL drives popular applications such as AirPlay and AirDrop on more than one billion end-user devices, neither the protocol itself nor potential security and Wi-Fi coexistence issues have been studied. In this paper, we present the operation of the protocol as the result of binary and runtime analysis. In short, each AWDL node announces a sequence of Availability Windows (AWs) indicating its readiness to communicate with other AWDL nodes. An elected master node synchronizes these sequences. Outside the AWs, nodes can tune their Wi-Fi radio to a different channel to communicate with an access point, or could turn it off to save energy. Based on our analysis, we conduct experiments to study the master election process, synchronization accuracy, channel hopping dynamics, and achievable throughput. We conduct a preliminary security assessment and publish an open source Wireshark dissector for AWDL to nourish future work.

References

[1]

Apple Inc. 2015. System Integrity Protection Guide. https://developer.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/Introduction/Introduction.html Retrieved June 28, 2018 from

[2]

Apple Inc. 2018a. About Entitlements. https://developer.apple.com/library/archive/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AboutEntitlements.html Retrieved June 28, 2018 from

[3]

Apple Inc. 2018b. About the Security Content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. https://support.apple.com/en-us/HT208331 Retrieved June 28, 2018 from

[4]

Apple Inc. 2018c. Financial Information--Earnings Releases and 10K Annual Reports. http://investor.apple.com/financials.cfm Retrieved June 28, 2018 from

[5]

Apple Inc. 2018 d. iOS Security Guide--White Paper. https://www.apple.com/business/docs/iOS_Security_Guide.pdf Retrieved June 28, 2018 from

[6]

Apple Inc. 2018 e. NSNetService Class Documentation . https://developer.apple.com/documentation/foundation/nsnetservice Retrieved June 28, 2018 from

[7]

Nitay Artenstein. 2017. Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets. https://blog.exodusintel.com/2017/07/26/broadpwn/ Retrieved June 28, 2018 from

[8]

Gal Beniamini. 2017a. Over the Air: Exploiting Broadcom's Wi-Fi Stack (Part 1). https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html Retrieved June 28, 2018 from

[9]

Gal Beniamini. 2017b. Over The Air: Exploiting Broadcom's Wi-Fi Stack (Part 2). https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html Retrieved June 28, 2018 from

[10]

Bluetooth Special Interest Group. 2016. Bluetooth® Core Specification.

[11]

Daniel Camps-Mur, Andres Garcia-Saavedra, and Pablo Serrano. 2013. Device-to-Device Communications with Wi-Fi Direct: Overview and Experimentation. IEEE Wireless Communications, Vol. 20, 3 (2013), 96--104.

[12]

Daniel Camps-Mur, Eduard Garcia Villegas, Elena López-Aguilera, Paulo Loureiro, Paul Lambert, and Ali Raissinia. 2015. Enabling Always On Service Discovery: WiFi Neighbor Awareness Networking . IEEE Wireless Communications, Vol. 22, 2 (2015), 118--125.

Digital Library

[13]

Jiska Classen, Daniel Wegemer, Paul Patras, Tom Spink, and Matthias Hollick. 2018. Anatomy of a Vulnerable Fitness Tracking System: Dissecting the Fitbit Cloud, App, and Firmware. Interactive, Mobile, Wearable and Ubiquitous Technologies, Vol. 2, 1 (March 2018), 5:1--5:24.

Digital Library

[14]

Craig Dooley and Duy Phan. 2017. What's New in Core Bluetooth. In Worldwide Developers Conference (WWDC). Apple Inc. https://developer.apple.com/videos/play/wwdc2017/712/

[15]

GitHub. 2015. Leaked BCM4360 Driver Code . https://github.com/kyuhsim/khsim_repository/tree/72708c6709/FutureSys/FutureProj_20141222/hg_clone/D700_wl Retrieved June 28, 2018 from

[16]

GitHub. 2018. Lilu: Arbitrary kext and process patching on macOS. https://github.com/acidanthera/Lilu Retrieved June 28, 2018 from

[17]

Google. 2017. Wi-Fi Aware . https://developer.android.com/guide/topics/connectivity/wifi-aware Retrieved June 28, 2018 from

[18]

Arnt Gulbrandsen, Paul Vixie, and Levon Esibov. 2000. A DNS RR for Specifying the Location of Services (DNS SRV). RFC 2782 (Feb. 2000).

Digital Library

[19]

Robert M. Hinden and Stephen E. Deering. 2006. IP Version 6 Addressing Architecture. RFC 4291 (Feb. 2006).

[20]

IEEE. 2018. Registration Authority . https://standards.ieee.org/develop/regauth/index.html Retrieved June 28, 2018 from

[21]

Florian Kohnhäuser, Milan Stute, Lars Baumgärtner, Lars Almon, Stefan Katzenbeisser, Matthias Hollick, and Bernd Freisleben. 2017. SEDCOS: A Secure Device-to-Device Communication System for Disaster Scenarios. In IEEE Conference on Local Computer Networks (LCN).

[22]

David Kreitschmann. 2018. User Manual for the Apple CoreCapture Framework. https://seemoo.de/corecapture-manual

[23]

David Kreitschmann and Milan Stute. 2018. AWDL and CoreCapture Wireshark dissector. https://seemoo.de/wireshark-awdl

[24]

Joakim Linde, Aarti Kumar, Christiaan A. Hartman, and Pierre B. Vandwalle. 2016. WiFi Real-time Streaming and Bluetooth Coexistence. U.S. Patent 9485778 (Nov. 2016). https://patents.google.com/patent/US9485778

[25]

Zongqing Lu, Guohong Cao, and Thomas La Porta. 2016. Networking Smartphones for Disaster Recovery. In IEEE International Conference on Pervasive Computing and Communications (PerCom).

[26]

Ouanilo Medegan. 2012. Skype Reverse Engineering. http://www.oklabs.net/skype-reverse-engineering-the-long-journey/ Retrieved June 28, 2018 from

[27]

Microsoft. 2018. About the Wireless Ad Hoc API . https://msdn.microsoft.com/en-us/library/windows/desktop/ ms705973%28v=vs.85%29.aspx

[28]

Matthias Schulz, Daniel Wegemer, and Matthias Hollick. 2018. The Nexmon Firmware Analysis and Modification Framework: Empowering Researchers to Enhance Wi-Fi Devices. Computer Communications (2018).

[29]

Serval Project. 2014. Serval Mesh Supported Devices. http://developer.servalproject.org/dokuwiki/doku.php? id=content:servalmesh:supported_devices

[30]

IEEE Computer Society. 2014. Standard for Local and Metropolitan Area Networks: Overview and Architecture.

[31]

IEEE Computer Society. 2016. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification.

[32]

Milan Stute. 2018. proxAWDL: simple AWDL--TCP proxy. https://seemoo.de/proxawdl

[33]

Pierre B. Vandwalle, Tashbeeb Haque, Andreas Wolf, and Saravanan Balasubramaniyan. 2016a. Method and Apparatus for Cooperative Channel Switching. U.S. Patent 9491593 (Nov. 2016). http://www.google.com/patents/US9491593

[34]

Pierre B. Vandwalle, Christiaan A. Hartman, Robert Stacey, Peter N. Heerboth, and Tito Thomas. 2016b. Synchronization of Devices in a Peer-to-Peer Network Environment. U.S. Patent 9473574 (Oct. 2016). http://www.google.com/patents/US9473574

[35]

Wi-Fi Alliance. 2015. Neighbor Awareness Networking Technical Specification .

[36]

Wi-Fi Alliance. 2016. Wi-Fi Peer-to-Peer (P2P) Technical Specification. http://www.wi-fi.org/file/wi-fi-peer-to-peer-p2p-technical- specification-v17

Cited By

Wang CWang HZhou YNi YQian FXu CVanbever LZhang I(2024)SMUFFProceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation10.5555/3691825.3691901(1369-1383)Online publication date: 16-Apr-2024
https://dl.acm.org/doi/10.5555/3691825.3691901
Putz FHaesler SHollick M(2024)Sounds Good? Fast and Secure Contact Exchange in GroupsProceedings of the ACM on Human-Computer Interaction10.1145/36869648:CSCW2(1-44)Online publication date: 8-Nov-2024
https://dl.acm.org/doi/10.1145/3686964
Girish AHu TPrakash VDubois DMatic SHuang DEgelman SReardon JTapiador JChoffnes DVallina-Rodriguez NMontpetit MLeivadeas AUhlig SJaved M(2023)In the Room Where It Happens: Characterizing Local Communication and Threats in Smart HomesProceedings of the 2023 ACM on Internet Measurement Conference10.1145/3618257.3624830(437-456)Online publication date: 24-Oct-2023
https://dl.acm.org/doi/10.1145/3618257.3624830
Show More Cited By

Index Terms

One Billion Apples' Secret Sauce: Recipe for the Apple Wireless Direct Link Ad hoc Protocol
1. Networks
  1. Network protocols
    1. Link-layer protocols
    2. Network protocol design
  2. Network types
    1. Ad hoc networks

Recommendations

Linux Goes Apple Picking: Cross-Platform Ad hoc Communication with Apple Wireless Direct Link
MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and Networking

Apple Wireless Direct Link (AWDL) is a proprietary and undocumented wireless ad hoc protocol that Apple introduced around 2014 and which is the base for applications such as AirDrop and AirPlay. We have reverse engineered the protocol and explain its ...
Modeling of collision avoidance protocols in single-channel multihop wireless networks

Although there has been considerable work on the performance evaluation of collision avoidance schemes, most analytical work is confined to single-hop ad hoc networks or networks with very few hidden terminals. We present the first analytical model to ...
Cracking App Isolation on Apple: Unauthorized Cross-App Resource Access on MAC OS~X and iOS
CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

On modern operating systems, applications under the same user are separated from each other, for the purpose of protecting them against malware and compromised programs. Given the complexity of today's OSes, less clear is whether such isolation is ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and Networking

October 2018

884 pages

ISBN:9781450359030

DOI:10.1145/3241539

General Chairs:
Rajeev Shorey
TCS Innovation Labs, India
,
Rohan Murty
Soroco, USA/India
,
Program Chairs:
Yingying (Jennifer) Chen
WINLAB, Rutgers University, USA
,
Kyle Jamieson
Princeton University, USA

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 October 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Best Paper

Author Tags

Qualifiers

Research-article

Conference

MobiCom '18

Sponsor:

SIGMOBILE

MobiCom '18: The 24th Annual International Conference on Mobile Computing and Networking

October 29 - November 2, 2018

New Delhi, India

Acceptance Rates

MobiCom '18 Paper Acceptance Rate 42 of 187 submissions, 22%;

Overall Acceptance Rate 440 of 2,972 submissions, 15%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

24
Total Citations
View Citations
1,359
Total Downloads

Downloads (Last 12 months)77
Downloads (Last 6 weeks)14

Reflects downloads up to 07 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wang CWang HZhou YNi YQian FXu CVanbever LZhang I(2024)SMUFFProceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation10.5555/3691825.3691901(1369-1383)Online publication date: 16-Apr-2024
https://dl.acm.org/doi/10.5555/3691825.3691901
Putz FHaesler SHollick M(2024)Sounds Good? Fast and Secure Contact Exchange in GroupsProceedings of the ACM on Human-Computer Interaction10.1145/36869648:CSCW2(1-44)Online publication date: 8-Nov-2024
https://dl.acm.org/doi/10.1145/3686964
Girish AHu TPrakash VDubois DMatic SHuang DEgelman SReardon JTapiador JChoffnes DVallina-Rodriguez NMontpetit MLeivadeas AUhlig SJaved M(2023)In the Room Where It Happens: Characterizing Local Communication and Threats in Smart HomesProceedings of the 2023 ACM on Internet Measurement Conference10.1145/3618257.3624830(437-456)Online publication date: 24-Oct-2023
https://dl.acm.org/doi/10.1145/3618257.3624830
Xu ZTong SXie PWang J(2023)From Demodulation to Decoding: Toward Complete LoRa PHY Understanding and ImplementationACM Transactions on Sensor Networks10.1145/354686918:4(1-27)Online publication date: 31-Jan-2023
https://dl.acm.org/doi/10.1145/3546869
Lagos Jenschke TDias de Amorim MFdida S(2023)Nearby connections strategies: Features, usage, and empirical performance evaluationInternet of Things10.1016/j.iot.2023.10089523(100895)Online publication date: Oct-2023
https://doi.org/10.1016/j.iot.2023.100895
Heinrich ABittner NHollick MJadliwala MKim YDmitrienko A(2022)AirGuard - Protecting Android Users from Stalking Attacks by Apple Find My DevicesProceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3507657.3528546(26-38)Online publication date: 16-May-2022
https://dl.acm.org/doi/10.1145/3507657.3528546
Li BFan HGao YDong WBulusu NAryafar EBalasubramanian ASong J(2022)Bringing webassembly to resource-constrained iot devices for seamless device-cloud integrationProceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services10.1145/3498361.3538922(261-272)Online publication date: 27-Jun-2022
https://dl.acm.org/doi/10.1145/3498361.3538922
Fomichev MAbanto-leon LStiegler MMolina ALink JHollick M(2022)Next2You: Robust Copresence Detection Based on Channel State InformationACM Transactions on Internet of Things10.1145/34912443:2(1-31)Online publication date: 15-Feb-2022
https://dl.acm.org/doi/10.1145/3491244
Epstein BKlein BFeuerstein D(2022)Analysis of sysdiagnose in iOS 15 to identify the sending phone number of AirDrop dataJournal of Forensic Sciences10.1111/1556-4029.1502267:4(1704-1707)Online publication date: 24-Feb-2022
https://doi.org/10.1111/1556-4029.15022
Lee SDudek LWojdyna P(2022)FastShare: push-based file sharing approach on wireless multi device environment2022 IEEE 12th International Conference on Consumer Electronics (ICCE-Berlin)10.1109/ICCE-Berlin56473.2022.9937112(1-2)Online publication date: 2-Sep-2022
https://doi.org/10.1109/ICCE-Berlin56473.2022.9937112
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

EPUB

View this article in ePub.

Media

Figures

Other

Tables

View Table of Contents