demonstration

Public Access

Seeing the Unseen: The REVEAL Protocol to Catch the Wireless Man-in-the-Middle

Authors:

Santosh Ganji,

P. R. KumarAuthors Info & Claims

S3 '23: Proceedings of the 14th ACM Wireless of the Students, by the Students, and for the Students (S3) Workshop

Pages 3 - 4

https://doi.org/10.1145/3615591.3615678

Published: 02 October 2023 Publication History

PDF eReader

Abstract

In this demonstration, we show a simple, yet effective protocol that detects a wireless Man-in-the-middle (MitM). The proposals that address this classic problem of detecting the MitM in wireless networks typically use knowledge of the attack vectors, rely on fingerprinting methods, and are exclusive to the communication technology. The REVEAL protocol is not so restricted. It poses specific timing-based challenges that force the MiTM to reveal itself, be it half, full, or double full duplex. As a prerequisite, we show that a MitM cannot interfere with the underlying clock synchronization process without getting detected. We demonstrate the capability of the REVEAL protocol to detect MitMs in a 4G/5G network, for which we have built half-duplex, full-duplex, and double-full duplex MitM. Our designs of MitM and REVEAL protocol are publicly available.

References

[1]

J. T. Chiang, J. J. Haas, Y. C. Hu, P. R. Kumar, and J. Choi. 2009. Fundamental Limits on Secure Clock Synchronization and Man-In-The-Middle Detection in Fixed Wireless Networks. In IEEE INFOCOM 2009. 1962--1970. https://doi.org/10.1109/INFCOM.2009.5062118

Crossref

Google Scholar

[2]

Ettus Research. 2023. USRP X310. https://www.ettus.com/all-products/X310-KIT/

Google Scholar

[3]

Santosh Ganji. 2023. Full Duplex Man-in-the-Middle Implementation. https://anonymous.4open.science/r/infinitelooper-08F0/README.md

Google Scholar

[4]

Santosh Ganji. 2023. Demonstration videos of the working system. https://github.com/shotsan/MiM_paper_demo_videos/tree/main

Google Scholar

[5]

srsRAN Project. 2023. open source 4G software radio suite. https://github.com/srsran/srsRAN_4G

Google Scholar

Recommendations

Security Vulnerabilities in Hybrid Flow-Specific Traffic-Adaptive Medium Access Control
HICSS '12: Proceedings of the 2012 45th Hawaii International Conference on System Sciences

Wireless network security is a daunting challenge as researchers analyze the vulnerabilities of wireless medium access control schemes such as IEEE 802.11, Bluetooth, and IEEE 802.16. While these wireless protocols employ traditional contention and non-...
Man in the Browser Attacks

Man-in-the-Browser attacks are a sophisticated new hacking technique associated with Internet crime, especially that which targets customers of Internet banking. The security community has been aware of them as such for time but they have grown in ...
Fragility of the Robust Security Network: 802.11 Denial of Service
ACNS '09: Proceedings of the 7th International Conference on Applied Cryptography and Network Security

The upcoming 802.11w amendment to the 802.11 standard eliminates the 802.11 deauthentication and disassociation Denial of Service (DoS) vulnerabilities. This paper presents two other DoS vulnerabilities: one vulnerability in draft 802.11w ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

S3 '23: Proceedings of the 14th ACM Wireless of the Students, by the Students, and for the Students (S3) Workshop

October 2023

10 pages

ISBN:9798400703423

DOI:10.1145/3615591

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 October 2023

Check for updates

Author Tags

Qualifiers

Demonstration
Research
Refereed limited

Funding Sources

Office of Naval Research
US ARMY
Department of Homeland Security

Conference

ACM MobiCom '23

Sponsor:

SIGMOBILE

ACM MobiCom '23: The 29th Annual International Conference on Mobile Computing and Networking

October 6, 2023

Madrid, Spain

Acceptance Rates

Overall Acceptance Rate 65 of 93 submissions, 70%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
61
Total Downloads

Downloads (Last 12 months)41
Downloads (Last 6 weeks)9

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Recommendations

Security Vulnerabilities in Hybrid Flow-Specific Traffic-Adaptive Medium Access Control

Man in the Browser Attacks

Fragility of the Robust Security Network: 802.11 Denial of Service