Combating Nationwide WiFi Security Threats

Content Distribution for Mobile Internet: A Cloud-based Approach

Abstract

Carrying over 75% of the last-mile mobile Internet traffic, WiFi has inevitably become an enticing target for various security threats. In this work, we characterize a wide variety of real-world WiFi threats at an unprecedented scale, involving 19M WiFi APs mostly located in China, by deploying a crowdsourced security checking system on 14M mobile devices in the wild. Leveraging the collected data, we reveal the landscape of nationwide WiFi threats for the first time. We find that the prevalence, riskiness, and breakdown of WiFi threats deviate significantly from common understandings and prior studies. In particular, we detect attacks at around 4% of all WiFi APs, uncover that most WiFi attacks are driven by an underground economy, and provide strong evidence of web analytics platforms being the bottleneck of its monetization chain. Furthermore, we provide insightful guidance for defending against WiFi attacks at scale, and some of our efforts have already yielded real-world impact, effectively disrupting the WiFi attack ecosystem.

Notes

  1. A BSSID (Basic Service Set Identifier) is derived from the AP’s MAC address, and they are usually identical except when the AP supports multiple service sets [17].

References

  1. Hetting C. New numbers: Wi-Fi share of US mobile data traffic lingers at around 75% in Q2. https://wifinowevents.com/news-and-blog/new-numbers-wi-fi-share-of-us-mobile-traffic-lingers-at-around-75/

  2. HACKERNOON. A hacker intercepted your WiFi traffic, stole your contacts, passwords, & financial data. https://hackernoon.com/a-hacker-intercepted-your-wifi-traffic-stole-your-contacts-passwords-financial-data-heres-how-4fc0df9ff152

  3. Cimpanu C. Hacker group has been hijacking DNS traffic on D-link routers for three months. https://www.zdnet.com/article/hacker-group-has-been-hijacking-dns-traffic-on-d-link-routers-for-three-months

  4. Miley J. Starbucks’ free WiFi hijacked computers of customers to mine cryptocurrency. https://interestingengineering.com/starbucks-free-wifi-hijacked-computers-of-customers-to-mine-cryptocurrency

  5. Group LNR. Arpwatch, the ethernet monitor program; for keeping track of ethernet/IP address pairings. https://ee.lbl.gov/

  6. Ramachandran V, Nandi S (2005) Detecting ARP spoofing: an active technique. In: Proceedings of ICISS, pp 239–250

  7. Shijia O. Security report of China public WiFi in 2017. http://www.chinadaily.com.cn/business/tech/2017-03/08/content_28474488.htm

  8. Security T. 2018 mobile security report by tencent mobile security lab (in Chinese). https://m.qq.com/security_lab/news_detail_471.html

  9. Greenberg A. Researchers found they could hack entire wind farms. https://www.wired.com/story/wind-turbine-hack/

  10. Torralba C. Student admitted to ARP spoofing his school network through android device. https://www.androidauthority.com/student-admitted-to-arp-spoofing-his-school-network-through-android-device-49129/

  11. Whitewinterwolf.com. DHCP exploitation guide. https://www.whitewinterwolf.com/posts/2017/10/30/dhcp-exploitation-guide/

  12. Pritchett WL, De Smet D (2013) Kali Linux cookbook. Packt Publishing

  13. Gao D, Lin H, Li Z, Qian F, Chen QA, Qian Z, Liu W, Gong L, Liu Y (2021) A nationwide census on WiFi security threats: prevalence, riskiness, and the economics. In: Proceedings of ACM MobiCom, pp 242–255

  14. Plummer DC et al. (1982) An ethernet address resolution protocol: or converting network protocol addresses to 48.bit ethernet address for transmission on ethernet hardware. RFC 826:1–10

  15. Stallings W, Brown L, Bauer MD, Bhattacharjee AK (2012) Computer security: principles and practice. Pearson Education, Upper Saddle River

  16. Salgueiro P, Diaz D et al. (2011) Using constraints for intrusion detection: the NeMODe system. In: Proceedings of PADL, pp 115–129

  17. Group IW et al. (2016) IEEE standard for wireless LAN medium access control (MAC) and physical layer (PHY) specifications. IEEE Std 802.11-2016 (Revision of IEEE Std 802.11-2012) 802(11):1–3534

  18. Wustrow E et al. Telex: anticensorship in the network infrastructure. In: Proceedings of USENIX security, p 45

  19. Houmansadr A, Nguyen GT, Caesar M, Borisov N (2011) Cirripede: circumvention infrastructure using router redirection with plausible deniability. In: Proceedings of ACM CCS, pp 187–200

  20. IANA Special-use IPv4 addresses, RFC3330. Tech. rep. (2002)

  21. Bouch A, Kuchinsky A, Bhatti N (2000) Quality is in the eye of the beholder: meeting users’ requirements for internet quality of service. In: Proceedings of ACM CHI, pp 297–304

  22. Shneiderman B (1984) Response time and display rate in human performance with computers. ACM Comput Surv 16(3):265–285

  23. Padmanabhan R, Owen P, Schulman A, Spring N (2015) Timeouts: beware surprisingly high delay. In: Proceedings of ACM IMC, pp 303–316

  24. Korhonen J, Wang Y (2005) Effect of packet size on loss rate and delay in wireless links. In: Proceedings of IEEE WCNC, pp 1608–1613

  25. Liu B, Lu C, Duan H, Liu Y, Li Z, Hao S, Yang M (2018) Who is answering my queries: understanding and characterizing interception of the DNS resolution path. In: Proceedings of USENIX security, pp 1113–1128

  26. Maxim M, Pollino D (2002) Wireless security. McGraw-Hill/Osborne

  27. Bellardo J, Savage S (2003) 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In: Proceedings of USENIX security, pp 2–2

  28. Report C. Phicomm: security vulnerabilities. https://www.cvedetails.com/vulnerability-list/vendor_id-16810/Phicomm.html

  29. Report C. Vulnerability of phicomm hotspots: CVE-2019-19117. https://cxsecurity.com/cveshow/CVE-2019-19117/

  30. Conti M, Dragoni N, Lesyk V (2016) A survey of man in the middle attacks. IEEE Commun Surv Tutorials 18(3):2027–2051

  31. Abad CL, Bonilla RI (2007) An analysis on the schemes for detecting and preventing ARP cache poisoning attacks. In: Proceedings of IEEE ICDCS, pp 60–60

  32. Singh A et al. (2008) Vulnerability analysis for DNS and DHCP. In: Vulnerability analysis and defense for the internet, pp 111–124

  33. Bruschi D, Ornaghi A, Rosti E (2003) S-ARP: a secure address resolution protocol. In: Proceedings of IEEE ACSAC, pp 66–74

  34. Melsen T, Blake S (2006) MAC-forced forwarding: a method for subscriber separation on an ethernet access network. Tech. rep., RFC 4562

  35. Wifi8.com. Selective broadcasting in metro station. http://www.wifi8.com/

  36. Han H, Sheng B, Tan CC, Li Q, Lu S (2011) A timing-based scheme for rogue AP detection. IEEE Trans Parallel Distrib Syst 22(11):1912–1925

  37. Fahl S et al. (2012) Why eve and Mallory love android: an analysis of android SSL (in)security. In: Proceedings of ACM CCS, pp 50–61

  38. Li Z, Wang W, Wilson C, Chen J, Qian C, Jung T, Zhang L, Liu K, Li X, Liu Y (2017) FBS-radar: uncovering fake base stations at scale in the wild. In: Proceedings of NDSS

  39. Springborn K, Barford P (2013) Impression fraud in on-line advertising via pay-per-view networks. In: Proceedings of USENIX security, pp 211–226

  40. Congdon P, Aboba B, Smith A, Zorn G, Roese J (2003) IEEE 802.1X remote authentication dial in user service (RADIUS) usage guidelines. RFC 3580:1–30

  41. Balakrishnan K (2018) Exponential distribution: theory, methods and applications. Routledge

  42. Nagelkerke NJ et al. (1991) A note on a general definition of the coefficient of determination. Biometrika 78(3):691–692

  43. Dmitry K, Roland D (2011) Application of S-shaped curves. Proc Eng 9:559–572

  44. Von Bertalanffy L (1968) General system theory. New York 41973(1968):40

  45. Goldfarb A, Tucker C (2011) Online display advertising: targeting and obtrusiveness. INFORMS Market Sci 30(3):389–404

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this chapter

Cite this chapter

Li, Z., Dai, Y., Chen, G., Liu, Y. (2023). Combating Nationwide WiFi Security Threats. In: Content Distribution for Mobile Internet: A Cloud-based Approach. Springer, Singapore. https://doi.org/10.1007/978-981-19-6982-9_8

  • DOI: https://doi.org/10.1007/978-981-19-6982-9_8

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-19-6981-2

  • Online ISBN: 978-981-19-6982-9

  • eBook Packages: Computer Science (R0)