Greedy computer hackers using open-source Linux machines could steal more than their fair share of bandwidth from Wi-Fi hotspots, Swiss computer scientists have warned.
At the MobiSys 2004 conference in Boston, Massachusetts on Monday, Imad Aad, of the Swiss Federal Institute of Technology in Lausanne, outlined how changing just one line of code in the Linux operating system could allow hackers to monopolise the bandwidth at hotspots using the 802.11 standard.
As some hotels charge up to a $1 per minute for Wi-Fi access, the problem could become unfairly expensive for users who do not cheat, he says.
He also demonstrated a software tool that would allow Wireless Internet Service Providers (WISPS) to detect such greedy behaviour within a third of a second, by sniffing the rates of data exchange between users and the access point.
WISPs could fine greedy users or cut them off the network, he explains. Aad and his colleagues, Jean-Pierre Hubaux and Maxim Raya, have applied for a patent on the tool, called DOMINO.
The hacks that DOMINO tackles alter the Multiple Access Control (MAC) protocol, one of the series of protocols that govern how bandwidth is distributed between multiple users of the same Wi-Fi access point.
This type of hack became possible when a new generation of Wi-Fi access cards hit the market in 2003. The cards run the MAC protocol in software, rather than hardware. This makes it easy to change when using a Linux computer, on which all the code is openly available.
For example, one line of the MAC protocol randomly assigns each hotspot user a rate for data transfer. The rates are constantly re-assigned so that on average each user receives data at the same rate. But by changing that line of the MAC protocol, a hacker can fix his rate at a high value, and siphon off most or all of the bandwidth.
Aad claims that DOMINO could detect if someone is doing this by monitoring the rate of data flow in the MAC layer. The tool can be set to raise an alarm when one user is receiving data at an abnormally high speed compared to other users.
But other MobiSys delegates point out that DOMINO only tackles cheating in the MAC layer. "There are so many places that you can misbehave to gain advantage," says Adam Wolisz, who listened to the presentation and researches wireless networks at the Technical University of Berlin, Germany.
He suggests that another protocol in the data transfer process, called TCP, could also be hacked. "Maybe MAC should not be considered a priority." But Aad told New Scientist: "It is much more efficient to cheat on the MAC layer than the TCP."
Source: New Scientist