CHAMELEON - VIRUS ATTACKS IN WI-FI NETWORK
Engineers from the School of Electrical, Electronic and Computer Science at the University of Liverpool said that developed the concept of the virus Chameleon, which spreads over a wireless connection between Wi-Fi- routers , replacing the firmware of the victim. For an unusual method of distribution - "on air" - it was compared with a cold.
Scientists do not publish any details about the creation of the concept , except for the general algorithm of its work.
Drawing up a list of suitable access points within affordability. Hacking cryptographic protection of the access point . Bypassing the management interface of the access point . Identification and preservation of the current settings of the access point . Replacing the original firmware malicious access point firmware. Loading previously saved settings. Further spread of the virus ( return to step 1). Lack of technical details suggests that the virus is not as viable Chameleon as I would like creators. However, this does not negate the possibility of creating such a virus .
However , the authors reported success in laboratory experiments on the infection of neighboring access points - and continued to experiment by clicking on the practical "proof" of the existence of the possibility of such a virus to study its propagation velocity in real urban environments. For computer simulations , they used information about Wi-Fi- hotspots in Belfast and London.
The study showed that in Belfast works 14,533 access points , of which 22 % are open for access, 61% reserved WPA/WPA2, 14% reserved WEP.
In London, at the time of the study worked 96,433 access points , of which 24 % were open to access protected 48% and 19 % WPA/WPA2 protected WEP.
"Chameleon" behaved like a droplet infection and traveled between access points . In the simulation of a hypothetical virus router considered "available" if located at a distance of 10-50 meters. Model initiated the original " infected" with a certain amount of access points , selecting them randomly, and then counted how many days it takes to process all the hotspots in the city, it is either infection or tagging router as unreachable . In the absence of changes in the pattern within two days the model is randomly selected another model for more " spiking " of the virus (reseed).
The results are shown in Table . For example, with a maximum radius of 50 meters to cover all hotspots in Belfast in 2499 it took 988 days with additional " spiking ." In this recorded 212.6 thousand P2P- connections between access points and the final infection rate of 6.1 % (not counting forced infected in early ) .
" Infection " London needs more time : 4288 days in 1294 additional " spiking ." Model counted 7.04 million P2P- connections between access points , and the resulting infection rate of 6.9 %.
The researchers emphasize that the final infection rate strongly depends on the density of hotspots in the city.
Scientific work published in the journal «EURASIP Journal on Information Security».
|