Next generation wireless standards define MU-MIMO, which promises 4x capacity gains. This session compares different multi-antenna technologies (SM, STBC, BF, MU-MIMO). It describes the subtle mistakes wireless security experts make sniffing wireless traffic. It explains how MU-MIMO introduces new challenges in capturing wireless traffic, which could make wireless sniffing near impossible. (Source: RSA USA 2016-San Francisco)

1. SESSION ID:
#RSAC
Dr. Avril Salter, CCNP-W
What IT Professionals Need to
Know about Sniffing Wireless
Traffic in 2016
MBS-R05
Wireless Implementation Architect
Salter & Associates
@avrilsalterUSA

2. #RSAC
What We Are Discussing
2
Emerging
antenna
technologies
Implications to
wireless network
security

3. #RSAC
Privacy Rights
Electronic Communications Privacy Act (ECPA)
Protects e-mail messages from interception and disclosure to third parties
Wiretap Act
Federal law protecting privacy of communications
Intercept, disclose, or use the contents of any
Wire
Oral
Electronic communication
Exceptions allows employers to monitor communications in the ordinary
course of business

4. #RSAC
Protocol and Spectrum Analyzers
4
Protocol Analyzer Spectrum Analyzer

5. #RSAC
Which Networks Can You Sniff?
5
Technology
Wi-Fi
Cellular
Bluetooth
ZigBee
Influencing Factors
Different network adapter
Range depends on
Transmit power
Receiver antenna gain
Frequency bands

6. #RSAC
Defining MIMO
6
n transmit
antennas
m receive
antennas
Input into the
RF medium
Output from the
RF medium
Multiple Input
antennas
Multiple Output
antennas
+
= n x m MIMO
…
…

7. #RSAC
Multi-Antenna Technologies
7
Mechanism Performance advantage
Spatial Multiplexing Higher user data rates
Space Time Coding Improves SNR
- Coverage
Beamforming Extends the range where
higher data rates can be attained
Multi-User MIMO Increases throughput

8. #RSAC
Spatial Multiplexing
8
3x3 MIMO2x2 MIMO
MIMOMapping
S1
S2
a11 S1 + a12 S2
a21 S1 + a22 S2
MIMOMapping
S1
S2
a11 S1+ a12 S2 + a13 S3
a21 S1 + a22 S2+ a23 S3
a31 S1 + a32 S2+ a33 S3
S3

9. #RSAC
Spatial Multiplexing
9
Number of receive antennas ≥ Transmit antennas

10. #RSAC
Implications
10
Are you capturing all the
wireless traffic?

11. #RSAC
Beamforming
11

12. #RSAC
Creating Radiation Patterns
12
In theory
N * (N - 1) beams
N - 1 nulls
g1Ø1 g2Ø2 g8Ø8g3Ø3 g4Ø4 g5Ø5 g6Ø6 g7Ø7

13. #RSAC
Antenna Reciprocity
13
It is common practice to describe antenna characteristics
from the perspective of the transmitter

14. #RSAC
Implications
14
Are you capturing all the
wireless traffic?

15. #RSAC
Multi-User MIMO
15
Transmit to multiple users
On same frequency channel
At the same time

16. #RSAC
Multi-User MIMO
16
Are you capturing all the
wireless traffic?

17. #RSAC
Massive MIMO
17

18. #RSAC
What You Need To Know
18
MU-MIMO
Mobile networks
LTE Advanced
Wi-Fi networks
802.11ac
5G
Omni-directional antennas
IoT networks
ZigBee
WirelessHart
ISA100-11a
Wi-SUN
Bluetooth Low Energy

19. #RSAC
What About IoT Networks
19
Requires explicit feedback
Size and power performance limitations
Multi-hop mesh for reliability

20. #RSAC
Implications
20
Over-the-air captures are significantly
more complex
Arguably some wireless networks are
more secure
Hackers would need techniques that
minimize use of MU-MIMO
E.g. Disruptive interference

21. #RSAC
What You Should Do Now
21
Know the limitations of the
antenna technologies you are using
for analyzing over-the-air traffic
Understand disruptive techniques
and how to identify them

22. #RSAC
Thank you for listening 
22
www.linkedin.com/in/avrilsalter
@avrilsalterUSA