Researchers from Liverpool University have shown in practice that a computer virus can spread through Wi-Fi access points between homes and companies just as a common cold translates from one person to another.
Researchers conducted a Chameleon virus experiment using a WLAN attack technique to infect access points and collect the credentials of all users connected to Wi-Fi. Then, he seeks to discover other access points, and connects with them and infects them.
The main feature του ιού που τονίζεται από τους ερευνητές είναι το γεγονός ότι ο ιός προσβάλει μόνο τα απροστατευτα Wi-Fi. Μέσω των δικτύων που δεν χρησιμοποιούν κωδικούς πρόσβασης ο Chameleon μπορεί να εξαπλωθεί χωρίς καμία δυσκολία.
In their experiment, the researchers carried out a simulation attack on the cities of Belfast and London. Although the virus can not be transmitted through the access points protected by encrypted passwords, it spreads through unauthorized ones such as airports and cafes.
WiFi connections are increasingly a target for hackers because of their well-documented vulnerabilities, which make it difficult to detect and defend against a virus," said Alan Marshall, Professor of Network Security at the University of Liverpool and one of the authors of the research work.
"We thought it was not possible to develop a virus that could attack wireless networks, but we have proven that it is possible and that it can spread very quickly. Now we are able to use them data που προκύπτουν από τη μελέτη αυτή και να αναπτύξουμε μια νέα τεχνική recognitionif such an attack ever begins," said Marshall.
Attacks such as that described by researchers can be alleviated with the help of intrusion detection systems (IDS). These systems are usually based on the read signal strength indicator (RSSI) readings to locate the device's location.
However, IDS can be bypassed by copying the expected RSSI values. This can be accomplished by placing malicious access points on a similar radius like the target radius, or by processing the RSSI output to be sure it matches the target values.
The research project proposes a more effective strategy for the detection of such viruses. The proposed method by the experts is based on management framework information and is capable of detecting such attacks, while maintaining privacy and user confidentiality.
The research of the University "Detection and analysis of the Chameleon WiFi access point virus,” (PDF) is available on the webσελίδα of EURASIP.
