Researchers at NCSU help improve security of Wi-Fi networks.
September 26, 2011
By Tori Stilwell
The next time you're mainlining caffeine at the local coffee shop only to be disrupted by the Wi-Fi connection's glacial speed, take a look around. It may be your neighbor - not your computer - that's slowing you down.
Researchers at N.C. State University are one step closer to improving wireless security against such attacks after developing a way to measure the impact the jams cause on Wi-Fi technologies.
Wenye Wang, an associate professor who teaches computer and wireless networking, said people often attack Wi-Fi networks to increase their own speed at the expense of others. Wang, who was on the N.C. State research team, said that while the attacks do not harm other users' computers, they do slow down others' wireless connections. The attacks are often introduced on public wireless networks where they cause the greatest inconvenience.
"Wi-Fi is so popular, many people use Wi-Fi every day, but the technology is very simple," she said. "Because it's very simple, almost everyone can introduce some attack."
Jumping in line
Wang and her team developed a metric to measure how much damage attacks cause to the network, such as how much speed, or bandwidth, is gained by the attacker. Wi-Fi attackers increase their bandwidth by "back-off misbehavior," where they alter their computer's coding to increase their chances of being served by the network.
Wang compared the problem to a checkout line where only one person can be served at a time.
"If you find that the cashier is busy, you say, 'OK, I'm going to come back later to see if the cashier is available.' Suppose everyone is going to observe the rules and everyone has an equal chance to get served. The attacker comes back quicker.
"It's like cutting a queue: 'I just want to get online quickly, and as long as I manipulate my computer a little bit, I can get much faster bandwidth and a much higher chance of getting on the network.' "
Meanwhile, other users simply think the network is down or being slow, Wang said.
Zhuo Lu, a third-year Ph.D. student who worked on the team with Wang, said there are two ways attackers try to "cut the queue:" by coming back nonstop until they are identified and disabled by the network, or by coming back and blocking access more sporadically, which makes the attack harder to spot.
"The point of our research is to let people know which type of attack is more harmful than the others so then we can design responding counter-measures," Lu said. "Wi-Fi was designed in about 2000. There's no full security mechanism in Wi-Fi, so some people may try to take advantage of it and get more benefits at the cost of other people."
Time Warner Cable spokeswoman Melissa Buscher called the attacks "a potential issue" but wouldn't comment further on the problem.
"There are methods of detection and mitigation, but for the security of our network, we don't discuss the measures publicly," Buscher said.
Wang said it's hard to know how widespread a problem the attacks are, but someone well-versed in coding could likely jam a network. And while public networks are often the targets of such attacks, private connections aren't immune. She said she hopes the research can be used to improve the security measures networks use to counter these types of attacks.
"It's a very easy strategy. All the students in my class, they know how to do it," she said. "Even with a network with a password, it's just one more step: You need to break the password."