Byliv

New attack 'WiKI-Eve' allows theft of numeric passwords through WiFi signals

By Robert Andrew

September 11, 2023
A team of university researchers in China and Singapore has discovered a new attack called “WiKI-Eve” that can intercept the cleartext transmissions of smartphones connected to modern WiFi routers and deduce individual numeric keystrokes with an accuracy rate of up to 90%. This attack takes advantage of a feature known as BFI (beamforming feedback information) introduced in WiFi 5 (802.11ac) in 2013. BFI allows devices to send feedback about their position to routers for more accurate signal direction. However, this data exchange contains sensitive information in cleartext form, making it vulnerable to interception and misuse.

The WiKI-Eve attack is a real-time attack that intercepts WiFi signals during password entry on a smartphone. The attacker must first identify the target using an identity indicator such as a MAC address. Preparation involves analyzing network traffic and user behavior to link the target’s physical device to their digital traffic. Once the target is identified, the attacker captures the victim’s BFI time series during password entry using a traffic monitoring tool like Wireshark.

Each time the target presses a key, it causes a distinct WiFi signal to be generated due to the impact on the WiFi antennas behind the screen. The attacker records these signals and uses a machine learning technique called “1-D Convolutional Neural Network” to parse the captured data and recognize keystrokes consistently, regardless of typing styles.

The researchers conducted experiments using WiKI-Eve with different phone models and participants typing various passwords under different conditions. The results showed that WiKI-Eve could infer six-digit numerical passwords with an 85% success rate in under a hundred attempts. However, the distance between the attacker and the access point significantly affects the success rate. Increasing the distance from 1m to 10m resulted in a 23% drop in successful guesses.

In addition, the researchers tested the attack on WeChat Pay passwords and found that WiKI-Eve correctly deduced the passwords at a rate of 65.8%. The model consistently predicted the correct password within its top 5 guesses in over 50% of the tests.

This attack highlights the need for heightened security measures in WiFi access points and smartphone apps. Possible solutions include keyboard randomization, encryption of data traffic, signal obfuscation, CSI scrambling, WiFi channel scrambling, and other protective measures.
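The first mitigation listed above, keyboard randomization, can be illustrated with a short simulation. This is an added example, not code from the article or from the researchers; the function names, the fixed keypad order and the sample PIN are constructed, and the observer is assumed to recover every pressed key position perfectly, which is the worst case for the user.

```python
import secrets

DIGITS = "0123456789"
FIXED_LAYOUT = "1234567890"  # assumed standard order: slot i shows FIXED_LAYOUT[i]


def random_layout():
    """Return a fresh keypad layout using a CSPRNG-driven Fisher-Yates shuffle."""
    keys = list(DIGITS)
    for i in range(len(keys) - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        keys[i], keys[j] = keys[j], keys[i]
    return "".join(keys)


def slots_pressed(pin, layout):
    """Physical slot indices touched while typing `pin` on `layout`.

    This is all a position-sensing side channel can observe.
    """
    return [layout.index(d) for d in pin]


def observer_guess(slots, assumed_layout=FIXED_LAYOUT):
    """Map observed slots back to digits using the layout the observer assumes."""
    return "".join(assumed_layout[s] for s in slots)


def recovery_rate(pin, trials, randomize):
    """Fraction of entries where the observer's guess equals the real PIN."""
    hits = 0
    for _ in range(trials):
        # A new layout is drawn for every PIN entry when randomization is on.
        layout = random_layout() if randomize else FIXED_LAYOUT
        hits += observer_guess(slots_pressed(pin, layout)) == pin
    return hits / trials


if __name__ == "__main__":
    pin = "482913"  # constructed sample PIN
    print("fixed layout     :", recovery_rate(pin, 2000, randomize=False))
    print("randomized layout:", recovery_rate(pin, 2000, randomize=True))
```

With one layout per entry, a repeated digit still lands on the same slot twice, so the repetition pattern of the PIN remains visible; reshuffling after every key press removes that too, at a usability cost.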

Source: arxiv.org

