In densely populated urban areas WiFi routers form a tightly interconnected proximity network that can be exploited as a substrate for the spreading of malware able to launch massive fraudulent attack and affect entire urban areas WiFi networks. In this paper we consider several scenarios for the deployment of malware that spreads solely over the wireless channel of major urban areas in the US. We develop an epidemiological model that takes into consideration prevalent security flaws on these routers. The spread of such a contagion is simulated on real-world data for geo-referenced wireless routers. We uncover a major weakness of WiFi networks in that most of the simulated scenarios show tens of thousands of routers infected in as little time as two weeks, with the majority of the infections occurring in the first 24 to 48 hours. We indicate possible containment and prevention measure to limit the eventual harm of such an attack.
Deep Dive into WiFi Epidemiology: Can Your Neighbors Router Make Yours Sick?.
In densely populated urban areas WiFi routers form a tightly interconnected proximity network that can be exploited as a substrate for the spreading of malware able to launch massive fraudulent attack and affect entire urban areas WiFi networks. In this paper we consider several scenarios for the deployment of malware that spreads solely over the wireless channel of major urban areas in the US. We develop an epidemiological model that takes into consideration prevalent security flaws on these routers. The spread of such a contagion is simulated on real-world data for geo-referenced wireless routers. We uncover a major weakness of WiFi networks in that most of the simulated scenarios show tens of thousands of routers infected in as little time as two weeks, with the majority of the infections occurring in the first 24 to 48 hours. We indicate possible containment and prevention measure to limit the eventual harm of such an attack.
or preventing their infection. Further, as routers need to be within relatively close proximity to each other to communicate wirelessly, an attack can now take advantage of the increasing density of WiFi routers in urban areas that creates large geographical networks where the malware can propagate undisturbed. Indeed, many WiFi security threats have been downplayed based on the belief that the physical proximity needed for the potential attack to occur would represent an obstacle for attackers. The presence nowadays of large ad-hoc networks of routers make these vulnerabilities considerably more risky than previously believed.
Here we assess for the first time the vulnerability of WiFi networks of different US cities by simulating the wireless propagation of malware, a malicious worm spreading directly from wireless router to wireless router. We construct an epidemiological model that takes into ac-
count several widely known and prevalent weaknesses in commonly deployed WiFi routers’ security 3,8 , (e.g., default and poor password selection and cracks in the WEP cryptographic protocol 9 ). The WiFi proximity networks over which the attack is simulated are obtained from real-world geographic location data for wireless routers. The infection scenarios obtained for a variety of US urban areas are troublesome in that the infection of a small number of routers in most of these cities can lead to the infection of tens of thousands of routers in a week, with most of the infection occurring in the first 24 hours. We address quantitatively the behavior of the spreading process and we provide specific suggestions to minimize the WiFi network weakness and mitigate an eventual attack.
WiFi networks. WiFi routers, even if generally deployed without a global organizing principle, define a self-organized proximity communication network. Indeed, any two routers which are in the range of each other’s WiFi signal can exchange information and may define an ad-hoc communication network. These networks belong to the class of spatial or geometric networks in that nodes are embedded in a metric space and the interaction between two nodes strongly depends on the range of their spatial interaction 10,11,12,13 .
In this perspective, one might wonder if the actual deployment of WiFi routers is sufficient at the moment to generate large connected networks spanning sizeable geographic areas. This problem, equivalent to the percolation of giant connected component in graph theory 14,15 , is however constrained by the urban area’s topology and demographic distribution dictating the geographical locations of WiFi routers. Here we consider WiFi networks as obtained from the public worldwide database of the Wireless Geographic Logging Engine (WiGLE) website 16 . The database collects data on the worldwide geographic location of wireless routers and counts more than 10 million unique networks on just under 600 million observations 17 , providing good coverage of the wireless networks in the United States and in North Central Europe. The data provide a wealth of information that include, among other things, the routers’ geographic locations (expressed in latitude LAT and longitude LON ) and their encryption sta-
tuses. In particular, we focused on the wireless data extracted from seven urban areas or regions within the United States -Chicago, Boston, New York City, San Francisco Bay Area, Seattle, and Northern and Southern Indiana. Starting from the set of vertices corresponding to georeferenced routers in a given region, we construct the proximity network 10,11,12,13 by drawing an edge between any two routers i and j located at p i = (LON i , LAT i ) and p j = (LON j , LAT j ), respectively, whose geographical distance d( p i , p j ) is smaller than the maximum interaction radius R int (i.e., d( p i , p j ) ≤ R int ), as shown in Figure 1A. In the WiFi networks, the maximum interaction radius R int strongly depends on the local environment of any specific router.
In practice, R int ranges from 15m for a closed office with poor transmission to approximately 100m outdoors 18 . For simplicity, we assume that R int is constant, independent of the actual location of a given router, and we consider four different values of the maximum interaction radius -R int ∈ {15m, 30m, 45m, 100m} -analyzing the resulting networks for each of the seven regions under study. A more detailed account of the network construction procedure and the filtering methods used to minimize potential biases introduced by the data collection mechanisms are described in the Materials and Method section.
In Figure 1B we report an illustration of the giant component of the network obtained in the Chicago area for different values of R int . It is possible to observe that despite the clear geographical embedding and the city constraints, a large network of more than 48,000 routers spans the downtown area for R int set to 45 meters. The degree distributions of the giant co
…(Full text truncated)…
This content is AI-processed based on ArXiv data.
