Feeds

Attack of the bandwidth-hogging hackers

Wi-Fi hotspot peril

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Swiss security researchers have unearthed a flaw in wireless LAN systems that might be used by hackers to drastically increase their share of the available bandwidth at the expense of the other users. The issue should be of particular concern to hotspot operators, according to a team from the computer labs at the Ecole Polytechnique Federale de Lausanne (EPFL).

Appropriate standards (such as 802.11i) have been developed to ensure user security and privacy in hotspots, but this does nothing to prevent users altering the MAC protocol of a machine to increase his share of available bandwidth, according to the Swiss team.

They explain: "The new generation of wireless adapters allow easy modification of previously inaccessible MAC protocol parameters; for example, with a single line of code hackers can reduce the contention window size, realising a considerable redistribution of throughput shares among station competing for wireless bandwidth. Other cheating techniques include the modification of protocol timers, the misuse of collision-avoidance mechanisms such as the Net Allocation Vector, and selective scrambling of other users frames."

Professor Jean-Pierre Hubaux, leader of the three person team from EPFL who investigated the issue, said that although they had demonstrated these attacks in a lab environment they were yet to see reports about this kind of misdeeds in the real world yet. But that is no reason for complacency, he argued.

"Experience has shown that breaches are usually exploited, especially if this is easy to do (as it is the case here). With the increasing programmability of the devices, the risk will increase as well," Prof. Hubaux told El Reg.

"Considering that wireless access to hotspots is a charged service to a shared and scarce resource, it is easy to predict that numerous users will be tempted to cheat using the described techniques, thus discouraging honest users to make use of the service," the Swiss Boffins argue.

The Lab has also designed a (US patent pending) detection system, dubbed Domino, to spot bandwidth-stealing behaviour in wireless LANs. This technology is designed to help any Wi-Fi operator to protect its infrastructure against bandwidth-hogging hackers. EPFL hopes to license its technology to IT suppliers.

EPFL researchers will present their work at the Mobisys mobile system conference in Boston next week. ®

Related stories

New flaw takes Wi-Fi off the air
Wi-Fi group to update WLAN spec
Cisco thwarts WLAN dictionary attack
Wi-Fi Alliance preps WPA 2 security spec

Secure remote control for conventional and virtual desktops

More from The Register

next story
Sea-Me-We 5 construction starts
New sub cable to go live 2016
Vodafone to buy 140 Phones 4u stores from stricken retailer
887 jobs 'preserved' in the process, says administrator PwC
BT claims almost-gigabit connections over COPPER WIRE
Just need to bring the fibre box within 19m ...
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
Surprise: if you work from home you need the Internet
Buffer-rage sends Aussies out to experience road rage
EE buys 58 Phones 4u stores for £2.5m after picking over carcass
Operator says it will safeguard 359 jobs, plans lick of paint
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.