Stute, Milan (2020)
Availability by Design: Practical Denial-of-Service-Resilient Distributed Wireless Networks.
Technische Universität Darmstadt
doi: 10.25534/tuprints-00011457
Ph.D. Thesis, Primary publication
Abstract
Distributed wireless networks (DWNs) where devices communicate directly without relying on Internet infrastructure are on the rise, driving new applications and paradigms such as multimedia, authentication, payment, Internet of things (IoT), vehicular communication, and emergency response. However, the increased societal reliance on technology and the resulting “always-on” expectations of the users increase the risk of denial-of-service (DoS) attacks as they can leverage disruption in new ways beyond extortions (ransomware) that are common in today’s Internet ecosystem. These new risks extend to our physical world, directly impacting our daily lives, e.g., by being locked out of a smart home or by disrupting vehicular collision avoidance systems. As a research community, we need to protect those new applications that—as we find—can be mapped to a total of three distinct networking scopes: neighbor, island, and archipelago. In this thesis, we advance the field in each of these scopes. First, we analyze two proprietary neighbor communication protocols, Apple Wireless Direct Link (AWDL) and Apple AirDrop, that are deployed on more than 1.4 billion devices worldwide. During the process, we uncover several security and privacy vulnerabilities ranging from design flaws to implementation bugs leading to a machine-in-the-middle (MitM) attack on AirDrop, a DoS attack on AWDL preventing communication, and DoS attacks enabling crashing of neighboring devices. In addition, we found privacy leaks that enable user identification and long-term tracking. All attacks can be mounted using low-cost off-the-shelf hardware. In total, we disclose eight distinct vulnerabilities that we mitigate in collaboration with Apple. Second, we design and implement a new island communication protocol tailored to IoT scenarios, which provides provable protections against previously neglected risks such as wormhole- and replay-supported greyhole attacks. We support our analytical findings with testbed experiments. Third, we propose an archipelago-scope communication framework for emergencies that achieves resiliency against flooding and Sybil attacks. We evaluate our design using an original expert knowledge-based simulation that models human mobility during the aftermath of the 2013 Typhoon Haiyan in the Philippines. Finally, and to nourish future research, we provide a guide for analyzing Apple’s wireless ecosystem and publish several software artifacts, including an AWDL Wireshark dissector, open AWDL and AirDrop implementations, a prototype of our IoT communication protocol, and our natural disaster mobility model.
Item Type: | Ph.D. Thesis | ||||
---|---|---|---|---|---|
Erschienen: | 2020 | ||||
Creators: | Stute, Milan | ||||
Type of entry: | Primary publication | ||||
Title: | Availability by Design: Practical Denial-of-Service-Resilient Distributed Wireless Networks | ||||
Language: | English | ||||
Referees: | Hollick, Prof. Dr. Matthias ; Noubir, Prof. Guevara | ||||
Date: | 14 February 2020 | ||||
Place of Publication: | Darmstadt | ||||
Refereed: | 14 February 2020 | ||||
DOI: | 10.25534/tuprints-00011457 | ||||
URL / URN: | https://tuprints.ulb.tu-darmstadt.de/11457 | ||||
Abstract: | Distributed wireless networks (DWNs) where devices communicate directly without relying on Internet infrastructure are on the rise, driving new applications and paradigms such as multimedia, authentication, payment, Internet of things (IoT), vehicular communication, and emergency response. However, the increased societal reliance on technology and the resulting “always-on” expectations of the users increase the risk of denial-of-service (DoS) attacks as they can leverage disruption in new ways beyond extortions (ransomware) that are common in today’s Internet ecosystem. These new risks extend to our physical world, directly impacting our daily lives, e.g., by being locked out of a smart home or by disrupting vehicular collision avoidance systems. As a research community, we need to protect those new applications that—as we find—can be mapped to a total of three distinct networking scopes: neighbor, island, and archipelago. In this thesis, we advance the field in each of these scopes. First, we analyze two proprietary neighbor communication protocols, Apple Wireless Direct Link (AWDL) and Apple AirDrop, that are deployed on more than 1.4 billion devices worldwide. During the process, we uncover several security and privacy vulnerabilities ranging from design flaws to implementation bugs leading to a machine-in-the-middle (MitM) attack on AirDrop, a DoS attack on AWDL preventing communication, and DoS attacks enabling crashing of neighboring devices. In addition, we found privacy leaks that enable user identification and long-term tracking. All attacks can be mounted using low-cost off-the-shelf hardware. In total, we disclose eight distinct vulnerabilities that we mitigate in collaboration with Apple. Second, we design and implement a new island communication protocol tailored to IoT scenarios, which provides provable protections against previously neglected risks such as wormhole- and replay-supported greyhole attacks. We support our analytical findings with testbed experiments. Third, we propose an archipelago-scope communication framework for emergencies that achieves resiliency against flooding and Sybil attacks. We evaluate our design using an original expert knowledge-based simulation that models human mobility during the aftermath of the 2013 Typhoon Haiyan in the Philippines. Finally, and to nourish future research, we provide a guide for analyzing Apple’s wireless ecosystem and publish several software artifacts, including an AWDL Wireshark dissector, open AWDL and AirDrop implementations, a prototype of our IoT communication protocol, and our natural disaster mobility model. |
||||
Alternative Abstract: |
|
||||
Uncontrolled Keywords: | emergenCITY_KOM | ||||
URN: | urn:nbn:de:tuda-tuprints-114573 | ||||
Classification DDC: | 000 Generalities, computers, information > 004 Computer science | ||||
Divisions: | 20 Department of Computer Science 20 Department of Computer Science > Sichere Mobile Netze Profile Areas Profile Areas > Cybersecurity (CYSEC) LOEWE LOEWE > LOEWE-Schwerpunkte LOEWE > LOEWE-Schwerpunkte > NiCER – Networked infrastructureless Cooperation for Emergency Response LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > emergenCITY |
||||
TU-Projects: | HMWK|III L6-519/03/05.001-(0016)|emergenCity TP Bock | ||||
Date Deposited: | 01 Mar 2020 20:55 | ||||
Last Modified: | 23 Sep 2020 08:34 | ||||
PPN: | |||||
Referees: | Hollick, Prof. Dr. Matthias ; Noubir, Prof. Guevara | ||||
Refereed / Verteidigung / mdl. Prüfung: | 14 February 2020 | ||||
Export: | |||||
Suche nach Titel in: | TUfind oder in Google |
Send an inquiry |
Options (only for editors)
Show editorial Details |