A nationwide census on wifi security threats: Prevalence, riskiness, and the economics

Di Gao, Hao Lin, Zhenhua Li, Feng Qian, Qi Alfred Chen, Zhiyun Qian, Wei Liu, Liangyi Gong, Yunhao Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Carrying over 75% of the last-mile mobile Internet traffic, WiFi has inevitably become an enticing target for various security threats. In this work, we characterize a wide variety of real-world WiFi threats at an unprecedented scale, involving 19 million WiFi access points (APs) mostly located in China, by deploying a crowdsourced security checking system on 14 million mobile devices in the wild. Leveraging the collected data, we reveal the landscape of nationwide WiFi threats for the first time. We find that the prevalence, riskiness, and breakdown of WiFi threats deviate significantly from common understandings and prior studies. In particular, we detect attacks at around 4% of all WiFi APs, uncover that most WiFi attacks are driven by an underground economy, and provide strong evidence of web analytics platforms being the bottleneck of its monetization chain. Further, we provide insightful guidance for defending against WiFi attacks at scale, and some of our efforts have already yielded real-world impact - -effectively disrupted the WiFi attack ecosystem.

Original languageEnglish (US)
Title of host publicationACM MobiCom 2021 - Proceedings of the 27th ACM Annual International Conference On Mobile Computing And Networking
PublisherAssociation for Computing Machinery
Pages242-255
Number of pages14
ISBN (Electronic)9781450383424
DOIs
StatePublished - Oct 11 2021
Event27th ACM Annual International Conference On Mobile Computing And Networking, MobiCom 2021 - New Orleans, United States
Duration: Oct 25 2021Oct 29 2021

Publication series

NameProceedings of the Annual International Conference on Mobile Computing and Networking, MOBICOM

Conference

Conference27th ACM Annual International Conference On Mobile Computing And Networking, MobiCom 2021
CountryUnited States
CityNew Orleans
Period10/25/2110/29/21

Bibliographical note

Funding Information:
We sincerely thank the anonymous reviewers for their insightful and detailed comments, as well as the shepherd for guiding us through the revision process. We also appreciate Prof. Tianyin Xu for his valuable advice and participation in the early stage of the study. This work is supported in part by the National Key R&D Program of China under grant 2018YFB1004700, the National Natural Science Foundation of China (NSFC) under grants 61822205, 61632020, 61632013 and 61902211, and the Beijing National Research Center for Information Science and Technology (BNRist).

Publisher Copyright:
© 2021 ACM.

Keywords

  • countermeasures
  • threat ecosystem
  • wifi & mobile security

Fingerprint Dive into the research topics of 'A nationwide census on wifi security threats: Prevalence, riskiness, and the economics'. Together they form a unique fingerprint.

Cite this