New Denial-of-Service Attacks Threaten Wireless Data Networks 31
alphadogg writes "Forget spam, viruses, worms, malware, and phishing. These threats are apparently old-school when compared to a new class of denial-of-service attacks that threaten wireless data networks. The threats were outlined in a talk in NYC Thursday by Krishan Sabnani, vice president of networking research at Bell Labs, at the Cyber Infrastructure Protection Conference at City College of New York. Sabnani said they are the result of inherent weaknesses in Mobile IP, a protocol that uses tunneling and complex network triangulation to allow mobile devices to move freely from one network to another. 'We need to especially monitor the mobile networks — with limited bandwidth and terminal battery — for DOS attacks,' Sabnani said, adding that the newest DOS attacks on wireless networks involve repeatedly establishing and releasing connections. These attacks are easy to launch and hard to detect, he said."
Backward? (Score:3, Insightful)
Re:Backward? (Score:4, Informative)
I would rather have DOS (Score:4, Interesting)
And no, I am not talking about the operating system DOS.
Re: (Score:3, Funny)
Re:I would rather have DOS (Score:4, Insightful)
Your truck would be an ICE breaker that opens my house for all. Not the same, since I would notice a locked down house, but not necessarily someone who crept through my window.
Re: (Score:1)
Re: (Score:1)
Re: (Score:3, Insightful)
Also, one of the attacks mentioned can drain your battery quickly. Not THAT bad, but still rather annoying.
Lucky for you... (Score:3, Funny)
you don't have to choose! you can have both!
What attack? (Score:3, Insightful)
Technical Limitations. (Score:5, Interesting)
DoS is a natural part of the race of technology.
Can it be used against us? Yes.
Can we prevent those attacks? Most likely, and with a little time.
The real question is -how likely- is it to be a problem?
DoS attacks on the internet can be sent from anywhere.
DoS attacks on the celluar network can only be sent from within that area. (afaik)
This limitation alone limits the scope of this type of DoS attack, making it a tool of advance planning and high-profile national security aspects than a tool to be feared by the average Joe.
Re: (Score:2)
Can we prevent those attacks? Most likely, and with a little time.
Alas, no*. That's the point of DoS: government datacentres have incredible security, hardened buildings that can survive a nuke... but when it comes to it you can cut the fibre and there's no communication. Radio-based data transport is even worse: broadcast some strong noise and there's no more data.
* Ok, so content servers can use geographically diverse distribution points to limit DoS but most people don't have that... hell, even wikipedia only has three data centres (ergo what, six fibre lines?) you'd n
A couple points not clear in the summary (Score:4, Informative)
"One cable modem user with 500Kbps upload capacity can attack over 1 million mobile users simultaneously," he said.
He then goes on to discuss the types of attacks and statistical techniques you can use to detect them. Honestly I don't see how the problem wouldn't be solved with a firewall. If the mobile devices don't have static IP addresses (some do, I'm not sure what percentage), it will be hard to implement any of the attacks described.
Re: (Score:3, Informative)
The article is an ad for an Alcatel-Lucent IDS/Firewall product. That aside, the two scenarios which are actually attacks (the others aren't really attacks but broken devices and unexpected usage) are relatively unsurprising and straight forward. The first is a denial of service through overloading a stateful network component. (There is a reason why the internet was designed as a dumb network... NAT is going to bite you again, you have been warned.) The second is a classic "make the target do something cos
Re: (Score:2)
How will you locate the device causing the DoS in a WiFi network? If you don't know the location, your baseball bat won't do much (good|harm). Also, a firewall won't do anything to protect against a deauthentication DoS attack on WiFi (which is one of the most efficient, if not the most efficient, DoS attacks known to date).
Re: (Score:2)
Assuming it's a long distance directional attack, then I can move the router 10 feet to the left and fix the problem. In the worst case I can run wire out to everyone who is using it.
Your seco
Easy to Detect, hard to trace (Score:3, Insightful)
DoS should be easy to detect...you know when something is DoS'ed or Slashdotted. I think he means it's hard to trace the source.
Mobile virus? (Score:1, Insightful)
Just fearmongering (Score:4, Interesting)
That was total crap, was he selling some solution for it?
At first, I do not know any large-scale deployment of Mobile-IP. 3G networks provide mobility below IP and they do not use any "complex network triangulation" in it. Mobile-IP does have its weakness, but AFAIK the latest RFCs should provide quite solid (not worse-than-fixed) protection from DOS.
You can somewhat DOS high-speed data channels in 3G networks by sending packets with at intervals, but that is limited to single sector in base station, so that is not a big problem either. Battery drain DOS can be a real problem, but that is pretty much solved if you close your browser and your data channel is closed. If you do not have active data connections, nobody can sen you packets.
Again, was it some North-Zimbabwe 3G provider that took hit from 4.5GB data transfer? Last time I checked, it was less than 10 second traffic volume at small-country 3G providers. From "peer-to-peer Web sites".
Re: (Score:1)
Yet TFA provided examples of 3G disruptions.
I for one can easily imagine scenarios where our mobile networks are heavily degraded due to viruses on phones and maybe even due to subtle DoS attacks between operators! I know there are products where operators actually may drain (very little) of its own customer's battery time to make measurements on its competitors' coverage. It's a war out there. Possibly the radio networks have to be governmentally run in the long run.
I have no idea how hardened the signalin
Re: (Score:1)
Battery drain DOS can be a real problem, but that is pretty much solved if you close your browser and your data channel is closed. If you do not have active data connections, nobody can sen you packets.
Which is fine unless you're using a BlackBerry...
Another idea (Score:1)
Spam? (Score:2)
Continuous Preamble (Score:2, Informative)
It's real easy to DOS wireless devices. Its called Continuous Preamble. This has been around for years.
The risk potential (Score:1)
Wireless networks (Score:1)
Limited range, limited risk... At least mobile networks normally require identification of end-nodes. 802.11b is at limited risk to a DoS attack, because there are a limited number of people in an area, and you would have some idea of who is responsible....
By the way, certain vendors have "Rogue Access Point" Containment functions which are essentially a DDoS attack; WCS which plays man-in-the-middle attack against a target AP, and uses N APs to send disassociate and deregister commands to c