SlideShare a Scribd company logo

Attacking Automatic Wireless Network Selection

A
amiable_indian

Attacking Automatic Wireless Network Selection - Dino A. Dai Zovi and Shane A. Macaulay

Technology
1 of 29
“ All your layer are belong to us” Attacking Automatic Wireless Network Selection Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Wireless Auto Configuration Algorithm ,[object Object],[object Object]
Wireless Auto Configuration Algorithm ,[object Object]
Wireless Auto Configuration Algorithm ,[object Object],[object Object],[object Object],[object Object]
Wireless Auto Configuration Algorithm ,[object Object],[object Object]
Wireless Auto Configuration Algorithm ,[object Object],[object Object],[object Object]
Attacking Wireless Auto Configuration ,[object Object],[object Object],[object Object]
Attacking Wireless Auto Configuration ,[object Object]
Attacking Wireless Auto Configuration ,[object Object],[object Object],[object Object]
Wireless Auto Configuration Attacks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Wireless Auto Configuration 0day ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Packet trace of Windows XP associating using random SSID ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
“ First of all, there is no ‘we’…”
Vulnerable PNL Configurations ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
How do you like them Apples? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A Tool to Automate the Attack ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
KARMA Attacks Radioed Machines Automatically
More Dirty Pictures… ,[object Object]
L1: Creating An ALL SSIDs Network ,[object Object],[object Object],[object Object],[object Object],[object Object]
L2: Creating a FishNet ,[object Object],[object Object],[object Object],[object Object]
FishNet Services ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Fingerprinting FishNet Clients ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
L5: Exploiting FishNet Clients ,[object Object],[object Object],[object Object],[object Object],[object Object]
Transparent HTTP Proxy Exploit Server ,[object Object],[object Object],[object Object],[object Object],[object Object]
Client-Side Exploits ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Attacking Application Auto Updates ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Boron Client-Side Agent ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object]

Recommended

Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Attacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksAttacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksNortheast Ohio Information Security Forum
 
The state of wireless security
The state of wireless security The state of wireless security
The state of wireless security Filip Waeytens
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22SensePost
 
Rat a-tat-tat
Rat a-tat-tatRat a-tat-tat
Rat a-tat-tatSensePost
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliPriyanka Aash
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
Security tools
Security toolsSecurity tools
Security toolsGreater Noida Institute Of Technology
 

Recommended

Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Attacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksAttacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksNortheast Ohio Information Security Forum
 
The state of wireless security
The state of wireless security The state of wireless security
The state of wireless security Filip Waeytens
 
Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22Improvement in Rogue Access Points - SensePost Defcon 22
Improvement in Rogue Access Points - SensePost Defcon 22SensePost
 
Rat a-tat-tat
Rat a-tat-tatRat a-tat-tat
Rat a-tat-tatSensePost
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliPriyanka Aash
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
Security tools
Security toolsSecurity tools
Security toolsGreater Noida Institute Of Technology
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014Chong-Kuan Chen
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primeramiable_indian
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsAPNIC
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityAyoma Wijethunga
 
2012 S&P Paper Reading Session1
2012 S&P Paper Reading Session12012 S&P Paper Reading Session1
2012 S&P Paper Reading Session1Chong-Kuan Chen
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008ClubHack
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
Hack wifi password using kali linux
Hack wifi password using kali linuxHack wifi password using kali linux
Hack wifi password using kali linuxHelder Oliveira
 
Addios!
Addios!Addios!
Addios!Chong-Kuan Chen
 
External to DA, the OS X Way
External to DA, the OS X WayExternal to DA, the OS X Way
External to DA, the OS X WayStephan Borosh
 
Firewall
FirewallFirewall
FirewallManikyala Rao
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar Santhosh Kumar
 
Huiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackHuiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackGeekPwn Keen
 
Ceh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingCeh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingVi Tính Hoàng Nam
 
Nessus v6 command_line_reference
Nessus v6 command_line_referenceNessus v6 command_line_reference
Nessus v6 command_line_referenceCraig Cannon
 
Ch 13: Network Protection Systems
Ch 13: Network Protection SystemsCh 13: Network Protection Systems
Ch 13: Network Protection SystemsSam Bowne
 
Nick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseNick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseGeekPwn Keen
 
Security Proposal
Security ProposalSecurity Proposal
Security Proposalchris20854
 
Wireless Abc
Wireless AbcWireless Abc
Wireless Abcchris20854
 

More Related Content

What's hot

Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primeramiable_indian
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsAPNIC
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityAyoma Wijethunga
 
2012 S&P Paper Reading Session1
2012 S&P Paper Reading Session12012 S&P Paper Reading Session1
2012 S&P Paper Reading Session1Chong-Kuan Chen
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008ClubHack
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
Hack wifi password using kali linux
Hack wifi password using kali linuxHack wifi password using kali linux
Hack wifi password using kali linuxHelder Oliveira
 
External to DA, the OS X Way
External to DA, the OS X WayExternal to DA, the OS X Way
External to DA, the OS X WayStephan Borosh
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar Santhosh Kumar
 
Huiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackHuiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackGeekPwn Keen
 
Ceh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingCeh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingVi Tính Hoàng Nam
 
Nessus v6 command_line_reference
Nessus v6 command_line_referenceNessus v6 command_line_reference
Nessus v6 command_line_referenceCraig Cannon
 
Ch 13: Network Protection Systems
Ch 13: Network Protection SystemsCh 13: Network Protection Systems
Ch 13: Network Protection SystemsSam Bowne
 
Nick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseNick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseGeekPwn Keen
 

What's hot (20)

Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
 
The Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A PrimerThe Top 10/20 Internet Security Vulnerabilities – A Primer
The Top 10/20 Internet Security Vulnerabilities – A Primer
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
 
2012 S&P Paper Reading Session1
2012 S&P Paper Reading Session12012 S&P Paper Reading Session1
2012 S&P Paper Reading Session1
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Need
 
Hack wifi password using kali linux
Hack wifi password using kali linuxHack wifi password using kali linux
Hack wifi password using kali linux
 
Addios!
Addios!Addios!
Addios!
 
External to DA, the OS X Way
External to DA, the OS X WayExternal to DA, the OS X Way
External to DA, the OS X Way
 
Firewall
FirewallFirewall
Firewall
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense Firewall
 
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
OWASP Appsec USA 2014 Talk "Pwning the Pawns with Wihawk" Santhosh Kumar
 
Huiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackHuiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attack
 
Ceh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingCeh v5 module 10 session hijacking
Ceh v5 module 10 session hijacking
 
Nessus v6 command_line_reference
Nessus v6 command_line_referenceNessus v6 command_line_reference
Nessus v6 command_line_reference
 
Ch 13: Network Protection Systems
Ch 13: Network Protection SystemsCh 13: Network Protection Systems
Ch 13: Network Protection Systems
 
Nick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseNick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with nose
 

Viewers also liked

Security Proposal
Security ProposalSecurity Proposal
Security Proposalchris20854
 
ZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksSensePost
 
Wireless Isp Overview
Wireless Isp OverviewWireless Isp Overview
Wireless Isp Overviewjvsihag
 
ISP business plan
ISP business plan ISP business plan
ISP business plan ontor omi
 
Group 3 (Revised) Network Design Proposal Presentation
Group 3 (Revised) Network Design Proposal PresentationGroup 3 (Revised) Network Design Proposal Presentation
Group 3 (Revised) Network Design Proposal PresentationJan Aldrich Dorado
 
Network proposal
Network proposalNetwork proposal
Network proposalWaldo Botha
 
British Attempts to educate India
British Attempts to educate IndiaBritish Attempts to educate India
British Attempts to educate IndiaVandana Thakur
 
Network Design
Network DesignNetwork Design
Network Designcornimar
 
Faster to 5G
Faster to 5GFaster to 5G
Faster to 5GEricsson
 
History of Education in India: During The British Period.
History of Education in India: During The British Period.History of Education in India: During The British Period.
History of Education in India: During The British Period.Sadanand Patwardhan
 
Network proposal ppt
Network proposal pptNetwork proposal ppt
Network proposal pptFrankNitty II
 
Education and British Rule
Education and British RuleEducation and British Rule
Education and British RuleKaranveer Singh
 

Viewers also liked (16)

Security Proposal
Security ProposalSecurity Proposal
Security Proposal
 
Wireless Abc
Wireless AbcWireless Abc
Wireless Abc
 
ZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana AttacksZaCon 2015 - Zombie Mana Attacks
ZaCon 2015 - Zombie Mana Attacks
 
Wireless Backhaul
Wireless BackhaulWireless Backhaul
Wireless Backhaul
 
Wireless Isp Overview
Wireless Isp OverviewWireless Isp Overview
Wireless Isp Overview
 
ISP business plan
ISP business plan ISP business plan
ISP business plan
 
Macaulay
MacaulayMacaulay
Macaulay
 
Group 3 (Revised) Network Design Proposal Presentation
Group 3 (Revised) Network Design Proposal PresentationGroup 3 (Revised) Network Design Proposal Presentation
Group 3 (Revised) Network Design Proposal Presentation
 
Very High Density (vhd) 802.11ac Wireless Network Design and Deployment Basics
Very High Density (vhd) 802.11ac Wireless Network Design and Deployment BasicsVery High Density (vhd) 802.11ac Wireless Network Design and Deployment Basics
Very High Density (vhd) 802.11ac Wireless Network Design and Deployment Basics
 
Network proposal
Network proposalNetwork proposal
Network proposal
 
British Attempts to educate India
British Attempts to educate IndiaBritish Attempts to educate India
British Attempts to educate India
 
Network Design
Network DesignNetwork Design
Network Design
 
Faster to 5G
Faster to 5GFaster to 5G
Faster to 5G
 
History of Education in India: During The British Period.
History of Education in India: During The British Period.History of Education in India: During The British Period.
History of Education in India: During The British Period.
 
Network proposal ppt
Network proposal pptNetwork proposal ppt
Network proposal ppt
 
Education and British Rule
Education and British RuleEducation and British Rule
Education and British Rule
 

Similar to Attacking Automatic Wireless Network Selection

Mobile Security - Wireless hacking
Mobile Security - Wireless hackingMobile Security - Wireless hacking
Mobile Security - Wireless hackingphanleson
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer AttacksArun Modi
 
4 wifi security
4 wifi security4 wifi security
4 wifi securityal-sari7
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_kRama Krishna M
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityVishal Agarwal
 
Attacks and Defences
Attacks and DefencesAttacks and Defences
Attacks and DefencesSensePost
 
Wardriving & Kismet Introduction
Wardriving & Kismet IntroductionWardriving & Kismet Introduction
Wardriving & Kismet IntroductionLance Howell
 
Pentesting layer 2 protocols
Pentesting layer 2 protocolsPentesting layer 2 protocols
Pentesting layer 2 protocolsAbdessamad TEMMAR
 
Web Server(Apache),
Web Server(Apache), Web Server(Apache),
Web Server(Apache), webhostingguy
 
Web Server(Apache),
Web Server(Apache), Web Server(Apache),
Web Server(Apache), webhostingguy
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 

Similar to Attacking Automatic Wireless Network Selection (20)

Mobile Security - Wireless hacking
Mobile Security - Wireless hackingMobile Security - Wireless hacking
Mobile Security - Wireless hacking
 
Network And Application Layer Attacks
Network And Application Layer AttacksNetwork And Application Layer Attacks
Network And Application Layer Attacks
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In Detail
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
Hacking
HackingHacking
Hacking
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
 
Attacks and Defences
Attacks and DefencesAttacks and Defences
Attacks and Defences
 
Wardriving & Kismet Introduction
Wardriving & Kismet IntroductionWardriving & Kismet Introduction
Wardriving & Kismet Introduction
 
08 tcp-dns
08 tcp-dns08 tcp-dns
08 tcp-dns
 
Pentesting layer 2 protocols
Pentesting layer 2 protocolsPentesting layer 2 protocols
Pentesting layer 2 protocols
 
Web Server(Apache),
Web Server(Apache), Web Server(Apache),
Web Server(Apache),
 
Web Server(Apache),
Web Server(Apache), Web Server(Apache),
Web Server(Apache),
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
Network security
Network securityNetwork security
Network security
 

More from amiable_indian

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commonsamiable_indian
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art amiable_indian
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentestersamiable_indian
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...amiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in Indiaamiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyamiable_indian
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Codingamiable_indian
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissectedamiable_indian
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunityamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentationamiable_indian
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualizationamiable_indian
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization amiable_indian
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Timeamiable_indian
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics? amiable_indian
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Tellingamiable_indian
 

More from amiable_indian (20)

Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
 
Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Time
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics?
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
 

Recently uploaded

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 

Recently uploaded (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 

Attacking Automatic Wireless Network Selection

  • 1. “ All your layer are belong to us” Attacking Automatic Wireless Network Selection Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14. “ First of all, there is no ‘we’…”
  • 15.
  • 16.
  • 17.
  • 18. KARMA Attacks Radioed Machines Automatically
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.