Stute, Milan ; Narain, Sashank ; Mariotto, Alex ; Heinrich, Alexander ; Kreitschmann, David ; Noubir, Guevara ; Hollick, Matthias (2019)
A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link.
28th USENIX Security Symposium (USENIX Security '19). Santa Clara, CA, USA (14.08.2019-16.08.2019)
Conference or Workshop Item, Bibliography
This is the latest version of this item.
Abstract
Apple Wireless Direct Link (AWDL) is a key protocol in Apple's ecosystem used by over one billion iOS and macOS devices for device-to-device communications. AWDL is a proprietary extension of the IEEE 802.11 (Wi-Fi) standard and integrates with Bluetooth Low Energy (BLE) for providing services such as Apple AirDrop. We conduct the first security and privacy analysis of AWDL and its integration with BLE. We uncover several security and privacy vulnerabilities ranging from design flaws to implementation bugs leading to a man-in-the-middle (MitM) attack enabling stealthy modification of files transmitted via AirDrop, denial-of-service (DoS) attacks preventing communication, privacy leaks that enable user identification and long-term tracking undermining MAC address randomization, and DoS attacks enabling targeted or simultaneous crashing of all neighboring devices. The flaws span across AirDrop's BLE discovery mechanism, AWDL synchronization, UI design, and Wi-Fi driver implementation. Our analysis is based on a combination of reverse engineering of protocols and code supported by analyzing patents. We provide proof-of-concept implementations and demonstrate that the attacks can be mounted using a low-cost ($20) micro:bit device and an off-the-shelf Wi-Fi card. We propose practical and effective countermeasures. While Apple was able to issue a fix for a DoS attack vulnerability after our responsible disclosure, the other security and privacy vulnerabilities require the redesign of some of their services.
Item Type: | Conference or Workshop Item |
---|---|
Published: | 2019 |
Creators: | Stute, Milan ; Narain, Sashank ; Mariotto, Alex ; Heinrich, Alexander ; Kreitschmann, David ; Noubir, Guevara ; Hollick, Matthias |
Type of entry: | Bibliography |
Title: | A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link |
Language: | English |
Date: | 2019 |
Place of Publication: | Santa Clara, CA, USA |
Event Title: | 28th USENIX Security Symposium (USENIX Security '19) |
Event Location: | Santa Clara, CA, USA |
Event Dates: | 14.08.2019-16.08.2019 |
URL / URN: | https://www.usenix.org/conference/usenixsecurity19/presentat... |
Divisions: | 20 Department of Computer Science; 20 Department of Computer Science > Sichere Mobile Netze; Profile Areas; Profile Areas > Cybersecurity (CYSEC); LOEWE; LOEWE > LOEWE-Schwerpunkte; LOEWE > LOEWE-Schwerpunkte > NiCER – Networked infrastructureless Cooperation for Emergency Response; LOEWE > LOEWE-Zentren; LOEWE > LOEWE-Zentren > CRISP - Center for Research in Security and Privacy |
Date Deposited: | 09 Jul 2019 09:56 |
Last Modified: | 03 Jul 2024 02:39 |
Available Versions of this Item
- A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link. (deposited 30 Nov 2020 12:20)
- A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link. (deposited 09 Jul 2019 09:56) [Currently Displayed]