摘要
针对现实网络中诸如侧信道攻击、HID攻击等传统的物理攻击,物理隔离被认为是一种较为彻底的抵御网络攻击的安全防护手段。2018年,业界首次提出了一种物理隔离环境下的Wi-Fi隐蔽信道方法——Ghost Tunnel,即在Wi-Fi尚未连接的状态下,无线AP可成功将数据传给发起连接请求的计算机。提出了一种基于Ghost Tunnel方法的攻击框架——GreyFan,利用该攻击框架攻击者可以对未连接Wi-Fi的用户实施无感知攻击,如文件隐蔽传输、任意代码执行等,并分析了相应的防御技术。
For traditional physical attacks such as side channel attacks and HID attacks in real networks,physical isolation is considered to be a relatively complete security protection against network attacks.In 2018,a Wi-Fi hidden channel method in the physical isolation environment——Ghost Tunnel was firstly proposed,that is,in the state that Wi-Fi didn’t connected,the wireless AP could successfully transmit data to the computer that initiates the connection request.An attack framework based on the Ghost Tunnel method——GreyFan was proposed.This attack framework enabled attackers to implement non-aware attacks on users who didn’t connected to Wi-Fi,such as file concealed transmission and arbitrary code execution,etc.The corresponding defense technology was also analyzed.
作者
马栋捷
金成强
陈园
陈铁明
MA Dongjie;JIN Chengqiang;CHEN Yuan;CHEN Tieming(College of Computer Science and Technology,Zhejiang University of Technology,Hangzhou310023,China;Zhejiang Innovation Center of Cyberspace Security,Hangzhou310023,China;Research Center of Industrial Internet,Zhejiang Lab,Hangzhou311100,China)
出处
《电信科学》
2019年第9期85-97,共13页
Telecommunications Science
基金
国家自然科学基金资助项目(No.61202282,No.61772026)
国家自然科学基金与浙江省政府联合项目(No.U1509214)
