WNV-Detector: automated and scalable detection of wireless network vulnerabilities

Yanxi Huang, Fangzhou Zhu*, Liang Liu, Wezhi Meng, Simin Hu, Renjun Ye, Ting Lv

*Corresponding author for this work

Research output: Contribution to journalJournal articleResearchpeer-review

5 Downloads (Pure)

Abstract

The security of wireless routers receives much attention given by the increasing security threats. In the era of Internet of Things, many devices pose security vulnerabilities, and there is a significant need to analyze the current security status of devices. In this paper, we develop WNV-Detector, a universal and scalable framework for detecting wireless network vulnerabilities. Based on semantic analysis and named entities recognition, we design rules for automatic device identification of wireless access points and routers. The rules are automatically generated based on the information extracted from the admin webpages, and can be updated with a semi-automated method. To detect the security status of devices, WNV-Detector aims to extract the critical identity information and retrieve known vulnerabilities. In the evaluation, we collect information through web crawlers and build a comprehensive vulnerability database. We also build a prototype system based on WNV-Detector and evaluate it with routers from various vendors on the market. Our results indicate that the effectiveness of our WNV-Detector, i.e., the success rate of vulnerability detection could achieve 95.5%.

Original languageEnglish
Article number85
JournalEURASIP Journal on Wireless Communications and Networking
Volume2021
Issue number1
Number of pages21
ISSN1687-1472
DOIs
Publication statusPublished - Dec 2021

Bibliographical note

Funding Information:
This work is supported by the Aeronautical Science Foundation of China under Grant 20165515001, the National Natural Science Foundation of China under Grant No. 61402225, State Key Laboratory for smart grid protection and operation control Foundation, and the Science and Technology Funds from National State Grid Ltd.(The Research on Key Technologies of Distributed Parallel Database Storage and Processing based on Big Data). Weizhi Meng is also supported by H2020-SUICT-03-2018: CyberSec4Europe.

Publisher Copyright:
© 2021, The Author(s).

Keywords

  • Access point
  • Device identification
  • Router
  • Vulnerability detection
  • Wireless network

Fingerprint

Dive into the research topics of 'WNV-Detector: automated and scalable detection of wireless network vulnerabilities'. Together they form a unique fingerprint.

Cite this