| Developers: | University of Waterloo |
| Date of the premiere of the system: | November 2022 |
| Branches: | Electrical and Microelectronics |
2022: Drone announcement
On November 8, 2022, University of Waterloo researchers identified a Wi-Fi security threat that allows third-party devices to localize a connected device through walls and determine its location. Experts have created a drone capable of determining the location of devices connected to Wi-Fi through walls with an accuracy of a meter.
To get answers from devices on a wireless network, the Wi-Peep device used weaknesses in the Wi-Fi IEEE 802.11 standard. At first, Wi-Peep forged a request to transmit a signal, forcing all devices to immediately send a response, which Wi-Peep detected and used to determine the MAC addresses of all devices. After determining the MAC addresses, Wi-Fi sent an unencrypted data packet to the target device. Without proper encryption, this packet could not control the device; however, thanks to "Polite Wi-Fi," the device sent an acknowledgement, regardless of the contents of the package.
This confirmation effectively closed the loop between Wi-Peep and the target device, allowing Wi-Peep to locate the device using a flight time (ToF) measurement combined with a localization model. Measurements accurately determined the position of the device with an accuracy of about a meter, which makes this localization method extremely effective.
The Wi-Peep device demonstrates how even in a password-protected network, external sources can quickly, secretly, and reliably determine the position of intelligent devices without connecting to the target network. This could allow attackers to locate expensive items or personnel in a secure building.
Developers can prevent ToF measurements using variable short inter-frame space (SIFS). The University of Waterloo group noted that the randomness of SIFS between devices can cause problems, but their algorithm corrects the variability of SIFS at the level of each device if SIFS is constant. Using the SIFS variable instead of the constant SIFS, developers can add enough randomness to the ToF dimensions to block localization.[1]
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |