My NDSS 2019 presentation of Nearby Threats: Reversing‚ Analyzing‚ and Attacking Google's “Nearby Connections” on Android
This week I've been in San Diego CA for the The Network and Distributed System Security Symposium (NDSS) 2019 conference.
I've presented our paper about Nearby Threats: Reversing, Analyzing, and Attacking Google’s ‘Nearby Connections’ on Android.
Please have a look at the slides, at the, Soft AP manipulation PoC and the reddit thread.
The camera-ready version of Nearby Threats: Reversing‚ Analyzing‚ and Attacking Google's “Nearby Connections” on Android is available here
We also released a proof of concept code to perform the Soft AP manipulation attack. The code was previously disclosed to Google. In summary, the attack allows a malicious Nearby Connections server (advertiser) to redirect a client to a malicious Internet connected access point. As a result the attacker can reconfigure the wireless network interface of the victim via DHCP and gets access to all the Wi-Fi traffic (even traffic from non Nearby Connections applications).
I'm very happy to announce that our paper titled Nearby Threats: Reversing‚ Analyzing‚ and Attacking Google's “Nearby Connections” on Android has been accepted for the The Network and Distributed System Security Symposium (NDSS). Here you can download a pre-print. Here is the list of accepted papers for NDSS 2019 Soon I'll update more material such an exploit PoC code.
Congratulations to Kasper and Nils and thank you for the help.