Cyber security patrol- Detecting fake and vulnerable WiFi-enabled printers

Jinghui Toh, Muhammad Hatib, Omer Porzecanski, Yuval Elovici

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations

Abstract

Many printers nowadays support Wi-Fi connectivity. Some organizations opt to disable their printer's wireless connectivity, others are not aware at all that it is enabled and some enable it in an encrypted form. In this paper we demonstrate how an application called "pFaker" running on a mobile device or smart watch can be used to mimic a printer's Wi-Fi connectivity and functionalities in order to harm user privacy by unobtrusively stealing print jobs. To mitigate these risks, we developed a mobile application called "Cyber-Security Patrol". We demonstrate how a mobile phone running Cyber-Security patrol can be placed on a drone or an autonomous vacuum cleaner to search for devices that try to mimic the printer's Wi-Fi connectivity and for printers that expose unsecured wireless connection in the target organization. Cyber-Security Patrol takes photos of the location where unauthorized Wi-Fi enabled printers were detected and sends them to the organization's administrator. For cases that the Wi-Fi enabled printer is legitimate but unsecured, Cyber Security Patrol sends a print job to the printer with detailed instructions on how to secure the specific printer model as identified based on its Service Set Identifier (SSID).

Original languageEnglish
Title of host publication32nd Annual ACM Symposium on Applied Computing, SAC 2017
PublisherAssociation for Computing Machinery
Pages535-542
Number of pages8
ISBN (Electronic)9781450344869
DOIs
StatePublished - 3 Apr 2017
Event32nd Annual ACM Symposium on Applied Computing, SAC 2017 - Marrakesh, Morocco
Duration: 4 Apr 20176 Apr 2017

Publication series

NameProceedings of the ACM Symposium on Applied Computing
VolumePart F128005

Conference

Conference32nd Annual ACM Symposium on Applied Computing, SAC 2017
Country/TerritoryMorocco
CityMarrakesh
Period4/04/176/04/17

Keywords

  • Data leakage prevention
  • Man-in-The-middle (MITM) attack
  • Rogue access point
  • Wi-Fi security
  • Wi-Fi spoofing

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'Cyber security patrol- Detecting fake and vulnerable WiFi-enabled printers'. Together they form a unique fingerprint.

Cite this