User Security Behavior on Wireless Networks: An Empirical Study

Authors

Tim Chenoweth, Boise State UniversityFollow
Robert Minch, Boise State UniversityFollow
Sharon Tabor, Boise State UniversityFollow

Document Type

Conference Proceeding

Publication Date

1-2007

DOI

http://dx.doi.org/10.1109/HICSS.2007.589

Abstract

Wireless networks are rapidly becoming ubiquitous but are often insecure and leave users responsible for their own security. We empirically study whether users are successfully securing their client computers when using wireless networks. Automated techniques are used that scan users' machines after they associate with a university wireless network. This determines whether a firewall is being used and what TCP ports are open. Results show that over 9% of 3,331 unique computers scanned were not using a properly configured firewall. In addition, almost 9% had at least one TCP port open, with almost 6% having open ports with significant security implications. We also found and discuss cases where connected computers were compromised by Trojan programs such as SubSeven and NetBus. We discuss the generalizability of our results to other potentially insecure wireless networks, and suggestions for further research.

Copyright Statement

This document was originally published by IEEE in 40th Annual Hawaii International Conference on System Sciences, 2007. Copyright restrictions may apply. DOI: 10.1109/HICSS.2007.589

Publication Information

Chenoweth, Tim; Minch, Robert; and Tabor, Sharon. (2007). "User Security Behavior on Wireless Networks: An Empirical Study". Proceedings of the 40th Hawaii International Conference on System Sciences, 145b - 145b.