what it professionals need to know about sniffing wireless traffic in 2016

SESSION ID:

#RSAC

Dr. Avril Salter, CCNP-W

What IT Professionals Need to Know about Sniffing Wireless Traffic in 2016

MBS-R05

Wireless Implementation ArchitectSalter & Associates@avrilsalterUSA

#RSAC

What We Are Discussing

2

Emerging antenna

technologies

Implications to wireless network

security

#RSAC

Privacy Rights

Electronic Communications Privacy Act (ECPA)

Protects e-mail messages from interception and disclosure to third parties

Wiretap Act

Federal law protecting privacy of communications

Intercept, disclose, or use the contents of any

Wire

Oral

Electronic communication

Exceptions allows employers to monitor communications in the ordinary course of business

#RSAC

Protocol and Spectrum Analyzers

4

Protocol Analyzer Spectrum Analyzer

#RSAC

Which Networks Can You Sniff?

5

Technology

Wi-Fi

Cellular

Bluetooth

ZigBee

Influencing Factors

Different network adapter

Range depends on

Transmit power

Receiver antenna gain

Frequency bands

#RSAC

Defining MIMO

6

n transmit antennas

m receiveantennas

Input into the RF medium

Output from the RF medium

Multiple Inputantennas

Multiple Outputantennas

+

= n x m MIMO

… …

#RSAC

Multi-Antenna Technologies

7

Mechanism Performance advantage

Spatial Multiplexing Higher user data rates

Space Time Coding Improves SNR

- Coverage

Beamforming Extends the range where

higher data rates can be attained

Multi-User MIMO Increases throughput

#RSAC

Spatial Multiplexing

8

3x3 MIMO2x2 MIMO

MIM

O M

app

ing

S1

S2

a11 S1 + a12 S2

a21 S1 + a22 S2

MIM

O M

app

ing

S1

S2

a11 S1+ a12 S2 + a13 S3

a21 S1 + a22 S2+ a23 S3

a31 S1 + a32 S2+ a33 S3 S3

#RSAC

Spatial Multiplexing

9

Number of receive antennas ≥ Transmit antennas

#RSAC

Implications

10

Are you capturing all the wireless traffic?

#RSAC

Beamforming

11

#RSAC

Creating Radiation Patterns

12

In theory

N * (N - 1) beams

N - 1 nulls

g1Ø1 g2Ø2 g8Ø8g3Ø3 g4Ø4 g5Ø5 g6Ø6 g7Ø7

#RSAC

Antenna Reciprocity

13

It is common practice to describe antenna characteristics from the perspective of the transmitter

#RSAC

Implications

14


#RSAC

Multi-User MIMO

15

Transmit to multiple users

On same frequency channel

At the same time

#RSAC

Multi-User MIMO

16


#RSAC

Massive MIMO

17

#RSAC

What You Need To Know

18

MU-MIMO

Mobile networks

LTE Advanced

Wi-Fi networks

802.11ac

5G

Omni-directional antennas

IoT networks

ZigBee

WirelessHart

ISA100-11a

Wi-SUN

Bluetooth Low Energy

#RSAC

What About IoT Networks

19

Requires explicit feedback

Size and power performance limitations

Multi-hop mesh for reliability

#RSAC

Implications

20

Over-the-air captures are significantly more complex

Arguably some wireless networks are more secure

Hackers would need techniques that minimize use of MU-MIMO

E.g. Disruptive interference

#RSAC

What You Should Do Now

21

Know the limitations of the antenna technologies you are using for analyzing over-the-air traffic

Understand disruptive techniques and how to identify them

#RSAC

Thank you for listening

22

www.linkedin.com/in/avrilsalter@avrilsalterUSA

http://www.linkedin.com/in/avrilsalter