Title | ||
---|---|---|
Beam-Stealing: Intercepting the Sector Sweep to Launch Man-in-the-Middle Attacks on Wireless IEEE 802.11ad Networks. |
Abstract | ||
---|---|---|
Millimeter-wave (mm-wave) communication systems provide high data-rates and enable emerging application scenarios, such as 'information showers' for location-based services. Devices are equipped with antenna arrays using dozens of elements to achieve high directionality and thus creating a signal beam that focuses only on a specific area-of-interest. This new communication paradigm of steerable links requires a rethinking of wireless networks and calls for efficient protocols to train the beam alignment among network nodes. The IEEE 802.1 lad standard defines the so-called sector sweep that sweeps through a predefined set of antenna-sectors to find the optimal antenna steerings. Such low-layer protocols lack proper security mechanisms and open unprecedented attack possibilities. Distant attackers might tamper with the beam-training and literally 'steal' the beam from other devices. In this work, we investigate the threat of such beam-stealing attacks that intercept the sector sweep. By injecting forged feedback, we force victims to steer their signals towards the attacker's location. We implement a proof-of-concept on commercial off-the-shelf devices and evaluate the impacts on eavesdropping and acting as a Man-in-the-Middle (MITM). Our practical experiments in typical indoor scenarios reveal that beam-stealing increases the eavesdropping performance by 38% and allow a MITM to relay packets with an average error of only 1%. With these results, we emphasize the threat of beam-training attacks on mm-wave networks and aim to raise the awareness of attack vectors that are emerging with new low-layer amendments in next-generation wireless networks.
|
Year | DOI | Venue |
---|---|---|
2018 | 10.1145/3212480.3212499 | WiSec '18: 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks
Stockholm
Sweden
June, 2018 |
Field | DocType | ISBN |
Wireless network,Wireless,Man-in-the-middle attack,Eavesdropping,Computer security,Computer science,Network packet,Communications system,Node (networking),Computer network,IEEE 802 | Conference | 978-1-4503-5731-9 |
Citations | PageRank | References |
6 | 0.52 | 21 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Daniel Steinmetzer | 1 | 69 | 8.50 |
Yimin Yuan | 2 | 6 | 0.52 |
Matthias Hollick | 3 | 750 | 97.29 |