Radio Exploitation 101: Characterizing, Contextualizing, and Applying Wireless Attack Methods



What do the Dallas tornado siren attack, hacked electric skateboards, and insecure smart door locks have in common? Vulnerable wireless protocols. Exploitation of wireless devices is growing increasingly common, thanks to the proliferation of RF protocols driven by mobile and IoT. While non-Wi-Fi and non-Bluetooth RF protocols remain a mystery to many security practitioners, exploiting them is easier than one might think.

Join us as we walk through the fundamentals of radio exploitation. After introducing essential RF concepts and characteristics, we will classify and discuss the different types of wireless attacks. As we introduce each new attack, we will draw parallels to similar wired exploits, and highlight attack primitives that are unique to RF. To illustrate these concepts, we will show each attack in practice with a series of live demos.

Attendees will come away from this session with an understanding of the mechanics of radio-based network exploitation, and an awareness of how they can bridge their IP network exploitation skills to the wireless domain.

The final white paper will elaborate on each attack primitives drawing comparisons to analogous attacks on wired networks, the resulting behavior/consequences, recent examples of each attack, and mitigations or limitations for each attack. We think it will be a valuable reference for security researchers who wish to bridge their wired and IP network skills into the wireless domain, and security practitioners who wish to learn more about RF security in general.

Location: BALLROOM 1 Date: August 25, 2017 Time: 4:30 pm - 5:30 pm Matt Knight Marc Newlin