Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Denial-of-Service Attacks Threaten Wireless Data Networks

Posted by Soulskill on from the filling-the-ether dept.

alphadogg writes "Forget spam, viruses, worms, malware, and phishing. These threats are apparently old-school when compared to a new class of denial-of-service attacks that threaten wireless data networks. The threats were outlined in a talk in NYC Thursday by Krishan Sabnani, vice president of networking research at Bell Labs, at the Cyber Infrastructure Protection Conference at City College of New York. Sabnani said they are the result of inherent weaknesses in Mobile IP, a protocol that uses tunneling and complex network triangulation to allow mobile devices to move freely from one network to another. 'We need to especially monitor the mobile networks — with limited bandwidth and terminal battery — for DOS attacks,' Sabnani said, adding that the newest DOS attacks on wireless networks involve repeatedly establishing and releasing connections. These attacks are easy to launch and hard to detect, he said."

31 comments

  1. Backward? by Anonymous Coward · · Score: 3, Insightful

    I think they got this backward. The DoS attack is the old school one since there is limited money in it (unless you are an organization that does DoS threat blackmailing, but even those don't make the kind of money that more modern attacks can generate). DoS is the old school one, not the worms, malware, and phishing that the summary claims are old school.

    1. Re:Backward? by phantomfive · · Score: 3, Informative

      No, apparently DDoS attacks are a common use for botnets. Threaten to take down someone's website unless they pay you can get you $500 - $40,000 depending on the website. Here is a cool story talking about one of those cases. Basically an online casino got threatened with a DDoS attack unless he paid, but he didn't pay. So he worked with the ISP to try to keep the website up (which didn't completely succeed at first), and eventually the guy gave up. Then they started investigating to find out who did it. Interesting read.

      --
      Qxe4
  2. I would rather have DOS by dk90406 · · Score: 3, Interesting

    than viruses, worms and malware. DOS can't harm me and my PC(as a private person), only inconvenience. The things are not even comparable. Just another article written by a a journalist who fails to understand basic IT.
    And no, I am not talking about the operating system DOS.

    1. Re:I would rather have DOS by archont · · Score: 3, Funny

      Viruses, worms and malware are like entering your house through the window you forgot to close. DDOS is like entering your house by driving an 18-wheeler into your living room. It's significantly easier to close your window than to rebuild your house using architecture that would make a truck bonuce off it.

    2. Re:I would rather have DOS by __aanmys7397 · · Score: 1

      That's true. DOS attacks are usually only harmful for the company involved.. ie, if a mobile phone carrier is DOS attacked, the customers will think that the service is just bad, and switch over to another network. But if they get a virus, they'll blame themselves.

    3. Re:I would rather have DOS by dk90406 · · Score: 3, Insightful

      Keeping your analogy, a DoS or DDoS is IMO like keeping you and me from entering (or exiting) my house through doors or windows. It will not cost me a lot, unless I am a company, depending on a lot of traffic through the door.
      Your truck would be an ICE breaker that opens my house for all. Not the same, since I would notice a locked down house, but not necessarily someone who crept through my window.

    4. Re:I would rather have DOS by phantomfive · · Score: 2, Insightful

      In this case, a DOS attack can cause you significant pain. It is talking about DOS over a cell phone network, where depending on your dataplan, you may end up with a thousand dollar phone bill. Ouch. Personally I'd rather have my harddrive wiped

      Also, one of the attacks mentioned can drain your battery quickly. Not THAT bad, but still rather annoying.

      --
      Qxe4
    5. Re:I would rather have DOS by archont · · Score: 1

      An analogy can't be 100% accurate, so it's sometimes easy to misinterpret it. Either way, what I meant is: Viruses, worms and other malware exploit particular weaknesses, which you can easily patch. Once that's done, the worm can't get in and is harmless. Now DOS and in particular DDOS is something you can't protect against - it's using brute force to inflict damage - disable clients from accessing the network, hogging up system resources, disk space, spamming the logs, posting rubbish or spam - there's no finese in clogging a server, just like there's little finese in driving a truck into someone's home, with both being rather obvious and evident. And if he lives in a bunker... well you can always just get a tank or more trucks. See?

  3. What attack? by yourassOA · · Score: 3, Insightful

    The article doesn't say anything. New "old school" Dos attacks. I feel dumber for having been suckered into reading the article.

  4. Technical Limitations. by Celeste+R · · Score: 4, Interesting

    DoS is a natural part of the race of technology.

    Can it be used against us? Yes.
    Can we prevent those attacks? Most likely, and with a little time.

    The real question is -how likely- is it to be a problem?

    DoS attacks on the internet can be sent from anywhere.
    DoS attacks on the celluar network can only be sent from within that area. (afaik)

    This limitation alone limits the scope of this type of DoS attack, making it a tool of advance planning and high-profile national security aspects than a tool to be feared by the average Joe.

    --
    There are no perfect answers, only the right questions. More questions at http://foresightandhindsight.blogspot.com/
    1. Re:Technical Limitations. by Mjec · · Score: 1

      Can we prevent those attacks? Most likely, and with a little time.

      Alas, no*. That's the point of DoS: government datacentres have incredible security, hardened buildings that can survive a nuke... but when it comes to it you can cut the fibre and there's no communication. Radio-based data transport is even worse: broadcast some strong noise and there's no more data.

      * Ok, so content servers can use geographically diverse distribution points to limit DoS but most people don't have that... hell, even wikipedia only has three data centres (ergo what, six fibre lines?) you'd need to take out.

      --
      "But everyone should know everything." -markab
  5. A couple points not clear in the summary by phantomfive · · Score: 3, Informative
    There are a couple points that aren't completely clear in the summary. The first is it is talking about connecting to cell phone networks, not WiFi (the best protection against DOS attacks on a wireless network is a baseball bat and a firewall). It is not talking about WiFi, thus the baseball bat defense doesn't work. Quote from the article:

    "One cable modem user with 500Kbps upload capacity can attack over 1 million mobile users simultaneously," he said.

    He then goes on to discuss the types of attacks and statistical techniques you can use to detect them. Honestly I don't see how the problem wouldn't be solved with a firewall. If the mobile devices don't have static IP addresses (some do, I'm not sure what percentage), it will be hard to implement any of the attacks described.

    --
    Qxe4
    1. Re:A couple points not clear in the summary by Anonymous Coward · · Score: 3, Informative

      The article is an ad for an Alcatel-Lucent IDS/Firewall product. That aside, the two scenarios which are actually attacks (the others aren't really attacks but broken devices and unexpected usage) are relatively unsurprising and straight forward. The first is a denial of service through overloading a stateful network component. (There is a reason why the internet was designed as a dumb network... NAT is going to bite you again, you have been warned.) The second is a classic "make the target do something costly" attack; In this case "something costly" is staying on the network to process small bits of useless data, thus draining the battery.

    2. Re:A couple points not clear in the summary by Zayin · · Score: 1

      The first is it is talking about connecting to cell phone networks, not WiFi (the best protection against DOS attacks on a wireless network is a baseball bat and a firewall).

      How will you locate the device causing the DoS in a WiFi network? If you don't know the location, your baseball bat won't do much (good|harm). Also, a firewall won't do anything to protect against a deauthentication DoS attack on WiFi (which is one of the most efficient, if not the most efficient, DoS attacks known to date).

      --
      "I'd rather have a full bottle in front of me than a full frontal lobotomy"
    3. Re:A couple points not clear in the summary by phantomfive · · Score: 1

      I pick up the baseball bat, look around at people in the area, see who has a laptop, and explaining that we have a hacker and asking them one by one questions about their network, and looking at their computers. If you're still around by the time I get to you, then you have balls of iron. But you won't for long.

      Assuming it's a long distance directional attack, then I can move the router 10 feet to the left and fix the problem. In the worst case I can run wire out to everyone who is using it.

      Your second point is good, also a WiFi jammer (assuming you can get one) would completely destroy any signal, but when I brought up the firewall, I was mainly thinking of defending against remote, internet based attacks, some of which a firewall would do nothing against, but the attacks he described would not be able to go around a firewall, because they rely on being able to connect to the client.

      --
      Qxe4
  6. Easy to Detect, hard to trace by sam0737 · · Score: 2, Insightful

    DoS should be easy to detect...you know when something is DoS'ed or Slashdotted. I think he means it's hard to trace the source.

  7. Mobile virus? by Anonymous Coward · · Score: 1, Insightful

    Associated with a virus for mobile this technique can become a huge problem for the providers!

  8. Just fearmongering by puhuri · · Score: 3, Interesting

    That was total crap, was he selling some solution for it?

    At first, I do not know any large-scale deployment of Mobile-IP. 3G networks provide mobility below IP and they do not use any "complex network triangulation" in it. Mobile-IP does have its weakness, but AFAIK the latest RFCs should provide quite solid (not worse-than-fixed) protection from DOS.

    You can somewhat DOS high-speed data channels in 3G networks by sending packets with at intervals, but that is limited to single sector in base station, so that is not a big problem either. Battery drain DOS can be a real problem, but that is pretty much solved if you close your browser and your data channel is closed. If you do not have active data connections, nobody can sen you packets.

    Again, was it some North-Zimbabwe 3G provider that took hit from 4.5GB data transfer? Last time I checked, it was less than 10 second traffic volume at small-country 3G providers. From "peer-to-peer Web sites".

    1. Re:Just fearmongering by EtaCarinae · · Score: 1

      Yet TFA provided examples of 3G disruptions.

      I for one can easily imagine scenarios where our mobile networks are heavily degraded due to viruses on phones and maybe even due to subtle DoS attacks between operators! I know there are products where operators actually may drain (very little) of its own customer's battery time to make measurements on its competitors' coverage. It's a war out there. Possibly the radio networks have to be governmentally run in the long run.

      I have no idea how hardened the signaling in RRC etc in 3G/LTE is against DoS attacks. Maybe very little energy is needed to fake paging, disrupt calls, degrade bit-rates etc. Don't dismiss the wires yet!

    2. Re:Just fearmongering by Anonymous Coward · · Score: 0

      "I do not know any large-scale deployment of Mobile-IP"

      It is used in the optus network in Australia.

    3. Re:Just fearmongering by ADenyer · · Score: 1

      Battery drain DOS can be a real problem, but that is pretty much solved if you close your browser and your data channel is closed. If you do not have active data connections, nobody can sen you packets.

      Which is fine unless you're using a BlackBerry...

  9. Mobile IP by Anonymous Coward · · Score: 0

    Is Mobile IP actually widely in use? If so, where is it used and how?

  10. Great.... by Anonymous Coward · · Score: 0

    As if all the kids downloading iPhone farting apps wasn't bad enough, now there are DOS attacks to bog down AT&T's network... :-(

  11. Another idea by nauseum_dot · · Score: 1

    working_connection != multicast_traffic + WIFI

    --
    Crap! I just kissed my karma good-bye.
  12. Spam? by Lord+Lode · · Score: 1

    Can't send spam to a device that's denied of service - I think I know what's more dangerous.

  13. Continuous Preamble by Anonymous Coward · · Score: 2, Informative

    It's real easy to DOS wireless devices. Its called Continuous Preamble. This has been around for years.

  14. The risk potential by SinShiva · · Score: 1

    The risk potential of DDoSing cellular networks primarily occurs during a homeland attack. while the scope of the attack is obviously small, theoretically this could be used in conjunction with precision attacks to further prevent help/rescue as needed. otherwise, the value of such an attack is relatively minimal and i'm sure this type of attack can be prevented. these attacks sound mostly like a proof-of-concept.

  15. Or the FIOS guys by Anonymous Coward · · Score: 0

    Wouldn't it be annoying if that is what caused my network to slow to a slug's pace the day after the FIOS guys came to my door and I told them I wasn't planning to give up my copper? When I told them my cable net doesn't slow down when my neighbors are online, because I don't have neighbors online, they didn't quite admit openly that though FIOS doesn't slow down, it starts out slower. They did seem disappointed they had come all that way (unbidden) and didn't sell me their product.
    I am curious about the coincidence in timing.
    Maybe it is time to close my open wireless. I never had any reason to, before.

  16. Lucky for you... by commodoresloat · · Score: 2, Funny

    you don't have to choose! you can have both!

  17. Wireless networks by mysidia · · Score: 1

    Limited range, limited risk... At least mobile networks normally require identification of end-nodes. 802.11b is at limited risk to a DoS attack, because there are a limited number of people in an area, and you would have some idea of who is responsible....

    By the way, certain vendors have "Rogue Access Point" Containment functions which are essentially a DDoS attack; WCS which plays man-in-the-middle attack against a target AP, and uses N APs to send disassociate and deregister commands to clients of a target AP.

    Or at level 4 containment, can play a game called flood-the-"rogue"-AP-with-fake-clients, i.e. spamming it with associate/de-associates....