Hunting the hidden wireless network attacker
The widespread deployment of wireless networks and the increased availability of attack tools on the Web have enabled adversaries – from “script kiddies” to experienced hackers – to launch sophisticated network attacks against remote critical infrastructures with relative ease and anonymity. A team of ECE researchers wants to unmask these adversaries, help bring them to justice and prevent others from trying such attacks.
Yaling Yang, with co-investigators Michael Buehrer and Jung Min Park are developing a system to trace back to the true sources of wireless network attacks. Supported by a $330,000 grant from the NSF, they are seeking a method of finding an adversary that is actively trying to disguise its location in a wireless network by distorting its signal features.
Most existing approaches for finding network adversaries were designed for tracing back to the edge routers in wired networks, according to Yang. “These approaches are ineffective for wireless networks, since the attacker can be anywhere in the unified coverage area of all wireless access points in a subnet. To be truly effective as an attack deterrent, a traceback scheme for a wireless network must be combined with accurate localization techniques to estimate the adversary’s physical location,” she says.
The team’s approach is a proactive, cross-layer localization design that integrates a number of diverse disciplines, including localization, security, wireless networking and distributed system design. The results will help ensure the security of cyber applications in critical aspects of the society, such as telecommunications, banking and finance, energy, transportation, and essential government services, she says.