Monday Mar 12th, 2007 - 2pm
|Computer Laboratory > Research > Systems Research Group > NetOS > Seminars > Monday Mar 12th, 2007 - 2pm|
Proximity Breeds Danger: Wildfire Worms, Wireless Phishing and Citizen Tracknets in Metro Wi-Fi NetworksKostas G. Anagnostakis
The growing popularity of wireless networks and mobile devices is starting to attract unwanted attention, given the emergence of a critical mass of potential targets for malicious activities. In this study, we try to quantify the threat from large-scale attacks on wireless networks, and, more specifically, Wi-Fi networks in densely populated metropolitan areas. We focus on three likely attack scenarios: "wildfire" worms that can spread contagiously over and across wireless LANs, coordinated citywide phishing campaigns based on wireless spoofing, and rogue systems for compromising location privacy in a coordinated fashion.
To quantify these threats, we rely on real-world data extracted from WiFi maps of large metropolitan areas such as New York City, the Bay Area, and Singapore. Our results suggest that a carefully crafted wireless worm can infect 40-67% of all Wi-Fi connected hosts within 10-35 minutes; that an attacker can launch phishing attacks on more than 20% of all users with just a few hundred zombies under his control; and that around 1,000 zombies are sufficient for creating a tracking system covering up to 90% of a metropolitan area.
(This is joint work with P. Akritidis, V.T. Lam, W.Y. Chin, S. Sidiroglou)
Dr. Kostas Anagnostakis is a Principal Investigator with the Institute for Infocomm Research (I2R) in Singapore. He holds a Ph.D. degree in Computer and Information Science from the University of Pennsylvania, USA, a Master's degree from the same school and a B.Sc. in Computer Science from the University of Crete. His main areas of interest are in distributed systems security, networking, performance evaluation, and in problems that lie at the intersection between computer science and economics.
At I2R, Dr. Anagnostakis is leading a team exploring emerging threats in an increasingly Web-based, wireless and mobile Internet. His current research is funded primarily by the Agency for Science, Technology and Research, and the Singapore Ministry of Defence. Before joining I2R he participated in numerous EU/IST, ONR, and USENIX funded research activities in the USA and Europe, and has published over 40 technical articles in refereed journals and conferences in the areas of security, distributed systems and networking.