The spread of Wi-Fi router malware revisited

  title={The spread of Wi-Fi router malware revisited},
  author={Hamdi Kavak and Daniele Vernon-Bido and J. Padilla and S. Diallo and Ross Gore},
  booktitle={IEEE CNS 2017},
A study by Hu et al. (2009, PNAS, 106(5)) projected that a targeted malicious attack on Wi-Fi routers could infect a region in two days. The study also argued that the use of WPA security protocol in 60--70% routers would practically prevent such epidemics. This paper revisits their model with current Wi-Fi router data from and a refined data selection method. We examine the temporality and scale of the malware spread applying these two updates. Despite a88% WPA adoption rate, we see… Expand
Epidemic Model of Algorithm-Enhanced Dedicated Virus through Networks
A dedicated worm virus which can pick susceptible routers with kernel density estimation (KDE) algorithm as the attacking tasks automatically is presented and provides a framework for a computer-algorithm-enhanced virus exploration and gives some insights on offence and defence to both hackers and computer users. Expand
Dropping malware through sound injection: A comparative analysis on Android operating systems
This paper demonstrates that malware modules can be dropped over the air to multiple devices using the same sound medium from approximately four to five meters away and provides solutions for these attack vectors, including modulation and high-peak compression of sound dependent channel frequencies. Expand
Gradual Certification Correspond with Sensual Confidence by Network Paths
Gradual Certification Correspond with Sensual Confidence by Network Paths Copyright c 2017 HSST 956 smartphones, and a gradual certification method which alleviates the inconvenience by risk-level definitions of the data-paths is proposed. Expand
Biologically Inspired Artificial Intelligence Techniques
This chapter argues that the fast-paced development of new cyber-related technologies complicates the classical approach of designing problem-specific algorithms for cyber resilience, and that “general-purpose” algorithms—such as biologically inspired artificial Intelligence (BIAI)—are more suited for such problems. Expand
Big data, agents, and machine learning: towards a data-driven agent-based modeling approach
This paper presents a structured way to integrate Big Data and machine learning techniques at the individual agent-level and describes a conceptual use-case study of an urban mobility simulation driven by millions of geo-tagged Twitter social media messages. Expand
A Data-Driven Approach for Modeling Agents
This dissertation proposes a novel data-driven approach for modeling agents to bridge the research gap and shows that Random Forest-based learning is the most effective for the mobility use case. Expand


On Using Mobility to Propagate Malware
  • S. Sarat, A. Terzis
  • Computer Science
  • 2007 5th International Symposium on Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks and Workshops
  • 2007
An analytical model for estimating the evolution of infections spanning multiple network domains that host mobile nodes is presented and it is shown that popular domains are infected during the early stages of the infection. Expand
WiFi networks and malware epidemiology
A major weakness of WiFi networks is uncovered in that most of the simulated scenarios show tens of thousands of routers infected in as little as 2 weeks, with the majority of the infections occurring in the first 24–48 h. Expand
Wireless spreading of WiFi APs infections using WPS flaws: An epidemiological and experimental study
This paper uses an epidemiological approach, combined with experimental war-driving measurements to investigate the speed of infections spreading in four neighborhoods of Boston, MA, USA, with distinct population and demographics, and indicates that large scale spreading of infections are feasible. Expand
Warkitting: The Drive-by Subversion of Wireless Home Routers
It is shown that it is possible in practice to carry out warkitting attacks with low-cost equipment widely available today and that the volume of credential theft possible through warksitting exceeds current estimates of credential Theft due to phishing. Expand
Understanding the Spreading Patterns of Mobile Phone Viruses
The mobility of mobile phone users is modeled in order to study the fundamental spreading patterns that characterize a mobile virus outbreak and it is found that although Bluetooth viruses can reach all susceptible handsets with time, they spread slowly because of human mobility, offering ample opportunities to deploy antiviral software. Expand
The final nail in WEP's coffin
A novel vulnerability is presented which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet and techniques for real-time decryption of data packets are presented, which may be used under common circumstances. Expand
Detection and analysis of the Chameleon WiFi access point virus
Development of an objective measure of virus success, the impact of product susceptibility, the acceleration of infection and the growth of the physical area covered by the virus are described. Expand
When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals
A novel and practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information and can recover the key with a high successful rate is presented. Expand
Foiling the cracker: A survey of, and improvements to, password security
Some of the problems of current password security are outlined by demonstrating the ease by which individual accounts may be broken, and one solution to this point of system vulnerability, a proactive password checker is proposed. Expand
The memorability and security of passwords – some empirical results
A controlled trial in which, of four sample groups of about 100 first-year students, three were recruited to a formal experiment and of these two were given specific advice about password selection, the incidence of weak passwords was determined by cracking the password file, and the number of password resets was measured from system logs. Expand