Autoimmunity Disorder in Wireless LANs

Presented at DEF CON 16 (2008), Aug. 9, 2008, 4:30 p.m. (20 minutes).

An autoimmune disorder is a condition that occurs when the immune system mistakenly attacks and destroys healthy body tissue. This presentation is about discovery of autoimmunity disorder in select open source and commercial 802.11 AP implementations. By sending specially crafted packets, it is possible to trigger autoimmunity disorder and cause AP to turn hostile against its own clients. Eight examples of autoimmune disorder will be demonstrated. Autoimmunity disorder can be exploited to craft new DoS attacks. Although 802.11w promises immunity from DoS attacks, we show that autoimmunity disorder leaves a door open through which DoS attacks can still be launched. One example of DoS attack against MFP(11w) will be demonstrated.

Presenters:

  • Md Sohail Ahmad - Senior Wireless Security Researcher, Airtight Networks Inc.
    Md Sohail Ahmad is a wireless security researcher in AirTight Networks. Mr Ahmad possesses strong background in secure driver development, protocol development, and open source tool development. He is currently working on mitigation of various security aspects of IEEE802.11w and IEEE 802.11n standards and in its implementations. Prior to this, he has also demonstrated the more potent form of Evil Twin Attack called "Multipot" in Defcon-15. He has discovered "Caffe Latte" attack which was presented in ToorCon9, which is about retrieving WEP key from an isolated client in the absence of its authorized access point.
  • Amit Vartak - Senior Wireless Security Researcher, Airtight Networks Inc.
  • JVR Murthy - Senior Wireless Security Researcher, Airtight Networks Inc.

Links: