Abstract

The recent rise in complex Wi-Fi vulnerabilities indicates the critical need for effective Wi-Fi protocol testing tools. We present a directed fuzzing methodology named GREYHOUND that automatically tests the Wi-Fi client implementations against vulnerabilities like crashes or non-compliant behaviours. Leveraging a holistic Wi-Fi protocol model, GREYHOUND directs the fuzzer in specific states of target Wi-Fi client. By exchanging mutated packets with a Wi-Fi client, GREYHOUND aims to induce the client to exhibit anomalous behaviours that badly deviate from Wi-Fi protocols. We have implemented GREYHOUND and evaluated it on a variety of real-world Wi-Fi clients, including smartphone, Raspberry Pi, IoT device microcontrollers and a medical device. Our evaluation indicates that GREYHOUND not only automatically discovers known vulnerabilities (including KRACK and Dragonslayer) that would require specialized verification otherwise, but, more importantly, it also has uncovered four new vulnerabilities in popular Wi-Fi clients. All discovered vulnerabilities are confirmed by manufacturers and assigned three different common vulnerability exposures. Furthermore, our evaluation with three existing Wi-Fi fuzz testing tools reveals that they fail to discover any of the vulnerabilities uncovered by GREYHOUND. Last but not the least, we have deployed GREYHOUND to discover KRACK and DragonSlayer within the Wi-Fi client implementation of automotive head units.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Deploying Medical Devices In Both Wi-Fi Bands
Chris Bolinger
Biomedical Instrumentation & Technology | VOL. 46
Chris BolingerChris Bolinger
01 Mar 2012
Protocol Violations in the WiFi Distributed Coordination Function of Raspberry Pi 4
Bjorn Ivar Teigen ... Jim Torresen
-
Bjorn Ivar Teigen, et. al.Bjorn Ivar Teigen ... Jim Torresen
30 Mar 2022
Utilizing a Test Lab For Wireless Medical Devices
Allie Paquette
Biomedical Instrumentation & Technology | VOL. 45
Allie PaquetteAllie Paquette
01 Sep 2011
Artificial Intelligence Enabled Smart City IoT System using Edge Computing
Lakshmi Narayana Thalluri ... Addepalli V S Y Narayana Sarma
-
Lakshmi Narayana Thalluri, et. al.Lakshmi Narayana Thalluri ... Addepalli V S Y Narayana Sarma
07 Oct 2021
View more papers

More From: IEEE Transactions on Dependable and Secure Computing

Paper Title
Journal
Date
Author
IMIH: Imperceptible Medical Image Hiding for Secure Healthcare
Ping Ping ... Pan Wei
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Ping Ping, et. al.Ping Ping ... Pan Wei
01 Sep 2024
Sine: Similarity is Not Enough for Mitigating Local Model Poisoning Attacks in Federated Learning
Harsh Kasyap ... Somanath Tripathy
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Harsh Kasyap, et. al.Harsh Kasyap ... Somanath Tripathy
01 Sep 2024
Concise RingCT Protocol Based on Linkable Threshold Ring Signature
Junke Duan ... Xiaoya Hu
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Junke Duan, et. al.Junke Duan ... Xiaoya Hu
01 Sep 2024
MicroFI: Non-Intrusive and Prioritized Request-Level Fault Injection for Microservice Applications
Hongyang Chen ... Zilong He
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Hongyang Chen, et. al.Hongyang Chen ... Zilong He
01 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.