Multi-Channel Man-in-the-Middle Attacks Against Protected Wi-Fi Networks: A State of the Art Review
Multi-Channel Man-in-the-Middle (MitM) attacks are special MitM attacks capable of manipulating encrypted Wi-Fi wireless frames between two legitimate endpoints. Since its inception in 2014, attackers have been targeting WPA Wi-Fi networks to perform different attacks, such as cipher downgrades, denial of service, key reinstallation Man-in-the-Middle (MitM) attacks (KRACK) in 2017, and recently FragAttacks in 2021, which widely impacted millions of Wi-Fi Multi-Channel MitM (MC-MitM) devices, especially IoT devices. To the best of our knowledge, there are no studies in the literature that KRACK holistically review the different types of Multi-Channel MitM enabled attacks and analyze their potential Internet of Things (IoT) impact. To this end, we evaluate the capabilities of Multi-Channel MitM and review every reported attack in Encryption the state of the art. We examine practical issues that hamper the total adoption of protection mechanisms, i.e., Security security patches and Protected Management Frames (PMF), and review available defense mechanisms in FragAttacks confronting the Multi-Channel MitM enabled attacks in the IoT context. Finally, we highlight the potential research problems and identify future research lines in this field.
READ FULL TEXT