Fitsum R. Lakew Wireless Network Security Threat

1,282 views
1,208 views

Published on

Wireless Network Security Threat

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,282
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
30
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Fitsum R. Lakew Wireless Network Security Threat

  1. 1. Wireless Network Security Threats 1 WIRELESS NETWORK SECURITY THREATS FITSUM R. LAKEW Graduate School of Management and Technology Information Technology (MS): Information Assurance Specialization UNIVERSITY OF MARYLAND UNIVERSITY COLLEGE August 15, 2010 Outline Page
  2. 2. Wireless Network Security Threats 2 Abstract …………………………………………………………………………………….3 1. Introduction ……………………………………………………………………………...3 2. Wireless Vulnerabilities, Threats and Countermeasures ……………………………...5 2.1 Network Security Threats ……………………………………………………………...5 2.1.1 Accidental Association …………………………………………………………….. 5 2.1.2 Malicious Associations ……………………………………………………………...6 2.1.3 Passive Eavesdropping ………………………………………………………. …….7 2.1.4 Ad-hoc Networks ……………………………………………………...8 2.1.5 MAC Spoofing (Identity Theft)……………………………………………………...9 2.1.6 Man-in-the-middle Attacks ……………………………………………………..10 2.1.7 Denial of Service ……………………………………………………………..11 3. Consequences of Poor Wireless Network Security ……………………………..12 4. Effective Strategies for Improving Wireless Network Security ……………..............13 4.1 Wireless Security Strategies ……………………………………………………..14 4.1.1 Static IP Address ……………………………………………………………...14 4.1.2 Password Change ……………………………………………………………...15 4.1.3 MAC Filtering ………………………………………………………………15 4.1.4 Encryption ………………………………………………………………16 4.1.5 Use of Anti-virus and Firewalls………………………………………………………16 4.1.6 Educating Users ………………………………………………………………............16 4.2 Network Auditing ………………………………………………………………...........17 5. Conclusion ………………………………………………………………...........17 Wireless Network Security Threats
  3. 3. Wireless Network Security Threats 3 Abstract The growth of information technology has made wireless networking one of the most imperative tools of communication. Business persons and home users have resorted to wireless technology as a way of communicating with business partners and friends. This is because wireless networking is easily accessible, inexpensive and easy to use. For example, the emergence of new technologies has created hot spots where on-the-go laptop users can access internet anywhere be it in shops, home, school, airports or workplaces. However, with all advantages associated with wireless networks, the absence of security threats is inevitable. In the recent years, wireless networks have encountered security threats, which posses risk to information privacy. These security threats are dangerous to business opportunities and the general lives of wireless technology users. Such security threats have forced information technology experts to put into operation technological solutions aimed at curtailing wireless security threats and vulnerabilities. The probability of winning over security threats is high simply because, wireless security is principally a management dilemma. Nevertheless, in order to control wireless security risks, experts must assess the associated security risks and look for modalities of mitigating them. The paper examines various wireless network security threats within a certain environment and provides solutions of eliminating those security threats. (Gast, 2005, pp. 1-12). 1. Introduction
  4. 4. Wireless Network Security Threats 4 Wireless security is a way of thwarting unauthorized entry or destruction of computers through wireless networks. Today, many persons and organizations use wireless networks to manage their interests. Interconnected computers and wireless carded laptop notebooks face many security risks, which compromises the privacy of stored data. For instance, computer hackers have come up with mechanism of breaking into wireless networks with a lot of ease. Interestingly, these hackers deploy wireless technologies to break into wired networks and commit offences. This is the reason why organizations and individuals using wireless networks must look for means and ways of controlling unauthorized entries into private and vital resources available in wireless networks. Wireless technology users continue to suffer by day as wireless security threats keeps on increasing and becoming popular. Moreover, the ignorance of wireless network users has also prompted unauthorized access to wireless networks. For example, when information technology experts introduced wireless networking, security threats seemed less as this particular technology applied only in big organizations and offices. However, as time went by, individuals started using it. Consequently, this became possible for crackers to latch modalities of accessing resources from wireless networks. (Ross, 2008, pp. 3-13). In most cases, some of these security threats associate with wireless protocols, encryption, recklessness and unawareness of computer users either at individual or commercial information technology level. In a rather worrying note, some of the cracking methods that breach network security appear more complicated, and with the presence of Windows and Linux tools, crackers find it easy to institute wireless network threats. Perhaps to start with, we need to relook on the advantages of wired networks both to legible users and crackers or hackers. Primarily, wireless networks exhibit many advantages to legible users. For example, they are cost efficient, convenient, produce expected results, easy to deploy and expand, and finally, easy
  5. 5. Wireless Network Security Threats 5 to integrate with other networks. Nevertheless, some disadvantage worries like security, range of operation, dependability and network speed appear to limit its applications. With these worrying issues, nobody is able to predict the efficiency and security of wired networks. In addition, unofficial access points, transmittable SSIDS, and unknown MAC addresses remain paramount security threats. However, with Wireless Local Area Network troubleshooting techniques like Fluke, Network General and Network Instruments, wireless network users can eliminate or avoid security threats. (Min-kyu, Robles, Hong, & Kim, 2008, p. 78). 2. Wireless Vulnerabilities, Threats and Countermeasures The normal wireless network composes of three fundamental components and the user. Under this scenario, the user becomes actually the fourth component. The first component is radio frequency, which help in the transmission of information from one point to another. Secondly, there are access points for connecting with other networks. The third component is of course, IT devices (Client devices) such as desktop computers, laptop computers and PDAs. Ironically, network threats target these components leading to network security aims like confidentiality, integrity and accessibility. 2.1 Network Security Threats 2.1.1 Accidental Association Unauthorized entry into wireless networks occurs in different ways. Although many of them occur intentionally, there is one which is accidental. Accidental association is a wireless network security breach that exposes confidential information of a proprietary company elsewhere. In most cases, this happens between two nearby wireless networks. A user can turn on a client device only to find overlapping data that belongs to the neighbor. This kind of security breach sometimes known as mis-association is majorly accidental but, in rare cases it can be
  6. 6. Wireless Network Security Threats 6 deliberate especially when an attacker aims to connect a personal computer to the neighboring wireless network access points (APs). 2.1.2 Malicious Associations This particular wireless network security threat is intentional and the attacker aims to obtain information from a particular wireless network. In order to access such information, requires components like wireless devices and cracking laptops. The cracking laptop will act as an access point while, the wireless device will link the cracking laptop and the wireless network. One characteristic with these cracking laptops (soft access points) is that, they actually resemble the targeted access points. Consequently, when an attacker inserts a wireless network card, the system unlocks and somebody can now access any data. After such a successful unlawful entry, the cracker can now access passwords, instigate new network hitches, or deposit viruses and trojans into the network. Perhaps one advantage associated with wireless networks is that they operate at layer 2 and layer 3. Thus, the available security protection mechanism, which includes network authentication and virtual private networks (VPNs), cannot control malicious association. On the other hand, research shows that wireless 802.1x authentications previously believed by many as secure, as of now, crackers can still enter a wireless network. However, in wireless networks safeguarded by wireless 802.1x authentications, crackers tend to target Layer 2 networks rather than virtual private networks (VPNs). This is because Layer 2 is easier to crack than VPNs. (Kelley, 2003, pp. 60-69).
  7. 7. Wireless Network Security Threats 7 2.1.3 Passive Eavesdropping This is another wireless network security threat where an attacker scrutinizes every session happening within the wired network. In most case, the attackers target the payload in order to get private information. The payload contains very secure plaintext information, which an attacker can access through flouting the encryption. In fact, this type of security threat appears simple in that attackers need access transmission only. For instance, using directional antenna, crackers are able to detect wireless transmissions (802.1) even at miles away. This makes the wireless network more vulnerable to attack as one cannot physically control transmission detection. Most users believe that deployment of wireless networks includes rearrangement of access points with encryption. Nonetheless, this is never the same as majority of wireless network APs contain many vulnerabilities such as wired equivalent privacy (WEP) and the 802.11 wireless security standards. Through passive eavesdropping, an attacker can obtain
  8. 8. Wireless Network Security Threats 8 transmittable data and also use other means to examine packets of data transmitted in a particular session. Furthermore, attackers can use directional antenna to determine the basis, destination, dimension and period of transmissions. Thus, it is very clear transmissions can compromise data privacy by inviting attacks. (Welch 2003, pp. 2-3). 2.1.4 Ad-hoc Networks This particular networks can execute wireless security threats and allow unlawful data access. Experts create ad-hoc networks by connecting wireless computers without necessarily using access points. Thus, it is very much clear that these wireless network lack efficient protection. Nevertheless, when building such networks, experts tend to deploy encryption methods as security measures. Through Ad-hoc networking, experts create a security hole believing that it will offer the necessary security and prevent any intended malice. However, these experts do not understand that within a corporate environment, some versions of Microsoft Windows operating system have security breach that can allow easy access of data. This can be a challenge to many users who are not in a situation to identify unsecured Ad-hoc network within the computer’s operating system. The scenario is even worse when a user uses the same Ad-not
  9. 9. Wireless Network Security Threats 9 network computers for a wired network. This is because a viaduct forms linking the corporate network with an unsecured Ad-hoc connection, which create vulnerable access points. A viaduct can either be direct or indirect. The direct viaduct occurs when users join two access points while an indirect bridge or viaduct occurs when many computers draws resources form the server. Of the two, indirect bridge or viaduct appears more unsecure than the direct one. Firstly, individual or corporate data executed through perceived secure wired networks, can appear on an attacker’s end note computer drive and then be retrieved through an unsecured Ad-hoc network. Secondly, viruses or trojans exposed to a particular wireless network through an unsecure Ad-hoc connection can create a pathway to private data hence, a security threat. Captivatingly, this type of security threat does not require password cracking as crackers can enter malevolent codes to an unsuspecting user’s end node arrangement and thereby access information through an Ad-hoc network. (Welch, 2003, pp. 2-6). 2.1.5 MAC Spoofing (Identity Theft) This threat is a bit complicated in that crackers manufacture devices, which can enable them to eavesdrop in on network traffic and thereby make out the computer’s MAC address that has got varied network dispensations. Although most wireless network characterize with MAC filtering, which is ideally, a security practice that allows authorized wireless network access using MAC identification cards, research shows that crackers can develop software programs with “sniffing” capabilities, and hence obtain secure addresses such as MAC addresses. Perhaps, the only scenario where MAC filtering appears protective is when users operate small residential (SOHO) networks. This is because under SOHO networks, wireless devices are “off the air” making it hard to detect MAC addresses. However, with bigger wireless networks, the 802.11 wireless devices are evidently “on the air”. The disadvantage associated with such networks is
  10. 10. Wireless Network Security Threats 10 that when the 802.11 device is “on the air”, it carries unencrypted MAC address right at the header, and with simple software programs or equipments, crackers can obtain the MAC address. For instance, the combination of freeware wireless packet analyzer together with 802.11 wireless receivers such as computer laptops and wireless adapters can enable some one to retrieve the MAC address of transmitting wireless networks, of course, within 802.11 assortments. Thus, it is very clear MAC filtering does not offer enough security to transmitting networks as users perceive. (Min-kyu, Robles, Hong, & Kim, 2008, pp. 84-87). 2.1.6 Man-in-the-middle Attacks Research shows that crackers targeting wireless networks find it easier to obtain private information at Layer 2 and Layer 3. This is because at this stage, encryption dominates in the transmitted packets making it easier to access heading information at second or third data link layer. Nevertheless, if a user deploys virtual protocol networks (VPNs) or IPsec security, the probability of accessing header information lessens. With the man-in-the-middle attack, unauthorized persons can obtain confidential information from a session or sometimes alter the transmittable packets, which will then compromise the integrity of a particular session. For example, during a wireless network session, a cracker may read and even modify the contents of the original data before the receiver gets it. However, it is not clear to many on how this happens. To start with, a cracker committing man-in-the-middle attack breaks the session in order to detach the connection existing between the target and access points (APs). After successfully detaching the two, the cracker will then connect the actual APs to a wireless card. The wireless card will lead a traffic flow of data from the wireless network to the hacker’s retrieving device. Secondly, the cracker can use wireless equipments to break the wireless network at access points.
  11. 11. Wireless Network Security Threats 11 Consequently, the encrypted tunnel will exhibit vulnerabilities and make private data access easier. (Welch, 2003, p.3) 2.1.7 Denial of Service This is another type of wireless security threat where the attacker repeatedly barrages the targeted wireless network or access points (APs) with spurious requests, intriguing wireless network link communications, stoppage instructions and data. Since the network is not used to these new messages and commands, the access points disassociate the network reveling encryption. On a more worrying note, the system can lock out the legitimate user and sometimes crash. Additionally, the denial of service attacks targets the annihilation of network protocols like the Extensive Authentication Protocol (EAP) in order to access private data. However, this type of security threat is ineffective to a large extent as the attacker cannot access the real
  12. 12. Wireless Network Security Threats 12 individual or corporate data. The interrupted wireless network cannot offload data to any wireless device and in most cases, the network crashes after interruption. Consequently, many users might wonder the reason of performing a denial of service attack if the attacker cannot access organizational data. Nevertheless, there is a reason why malicious attackers decide to perform this security threat. After a successful denial of service attack, the wireless network locks or crashes. This is the time when the malicious attackers take their time to monitor its recovery. As the network recovers, some data can re-transmit to other wireless devices, which includes codes, passwords and IDs. Later on, the crackers will use these factors to together with cracking tools in order to make an unlawful entry into the wireless network. Research shows that feebly encrypted wireless networks such as wired equivalent privacy (WEP) are the most affected due to its numerous tools. (Min-kyu, Robles, Hong, & Kim, 2008, pp. 80-85). 3. Consequences of Poor Wireless Network Security Wireless networks characterize with portability and productivity, and this is the main reason why many people use them either at home or organizational level. In addition, wireless network connections do not use cables but instead, involves plugging in an AP or a router to a client device. Nevertheless, with this open connectivity, the probability of threat attack is high. Thus, the meager security standards in addition to undeveloped technologies, defective implementations and ignorance are some of the factors that lead into the construction of an unsecure wireless network. With these factors dominating the deployment of an unsecure wireless network, hackers and crackers find it easier to make unauthorized entries through the communication medium. Consequently, poor network security leads to the compromise of data and other resources in terms of reliability, accessibility and confidentially. Organizational
  13. 13. Wireless Network Security Threats 13 resources such as fiscal statements, individual data and intellectual information that appear sensitive to the public should receive maximum security to preserve their confidentialities. In most cases, this happens when encryption and security mechanisms within a wireless network appear weak or vulnerable. An intruder can alter, destroy or delete stored data in a wireless network when the system exhibits some deformities in data-synchronization routines that link wireless network users and the back-end storage. In addition to this, security threats such as denial of service can enable crackers use network bandwidth for their own selfish interests. Other consequences associated with poor wireless network securities include resource theft mechanisms such as consumption of disk space and bandwidth, piracy, downloading pornographic materials and entertainment literature via stolen airwaves. Some people can utilize the presence of poor wireless networks to steal information, which is wanted somewhere else. Krishnamurthy, Joseph, &Tanapat, 2002, pp. 157-166). 4. Effective Strategies for Improving Wireless Network Security In most cases, the nature of a wireless network in terms of construction and deployment determines whether the network is prone to security threats such as interception, disruption and alteration. However, experts have come up with various ways of eliminating network threats. For example, eavesdropping, which is very common in at least all wireless networks can be controlled using two major ways. The first one is of course, creating a difficult environment for establishing and seizing wireless signals. Secondly, users can use encryption in order to safeguard privacy even in situations where crackers intercept the network. Two years ago, experts came up with a Wireless Intrusion Prevention System (WIPS), which is sable to thwart all intended security threats. Today, most organizations use this system to protect their wireless networks against security threats.
  14. 14. Wireless Network Security Threats 14 4.1 Wireless Security Strategies 4.1.1 Static IP Address Most hackers access network data through an IP address. It is therefore paramount to look for modalities of preventing this. For example, users can disable their IP address function form the server every time when the system is not running. This will lower the chances of logging in failed messages, trial keys and rogue passwords into the network. In addition, deployment of access pint firewalls can help in jamming an unused IP address and retain network confidentiality. Users can also decrease the size of a fastidious subnet to reduce chances of threat attack. This is useful in discouraging man-in-the-middle threats. (Skoudis, 2002, p. 351).
  15. 15. Wireless Network Security Threats 15 Session Attack: (Welch, 2003, p.7) 4.1.2 Password Change Wireless devices come with default passwords. If users fail to change such passwords, some crackers can capitalize on this and enter that wireless network. Thus, it is advisable to change the default passwords of wireless devices in order to minimize security threats. In addition, users should look for unique passwords, and one that includes non-alphanumeric characters to make the network more secure. 4.1.3 MAC Filtering When deploying wireless networks, engineers must create MAC identification filtering as a security strategy. This will allows only users to gain authorized entry into networks characterized by MAC IDs and minimize accidental associations. However, users should not rest assured because crackers can fake MAC IDs and access their networks. 4.1.4 Encryption So far, this has proved to be the most effective way of discouraging wireless network security threats. An encrypted system can show and report some of the threats targeting the system. Luckily, most wireless devices such as APs, caller devices and base stations come with built-in encryptions systems and the user need to turn it on so that it protects the network. (Krishnamurthy, Joseph, &Tanapat, 2002, pp. 160-165). 4.1.5 Use of Anti-virus and Firewalls Some networks collapse due to invasion from trojans and viruses. Just like computers connected to an internet, wireless network computers can also catch malwares, trojans and
  16. 16. Wireless Network Security Threats 16 viruses. Thus, it is advisable to install all wireless network computers with anti-malware programs and update them periodically in order to offer protection. 4.1.6 Educating Users As one constituent of wireless networking, users ought to understand how to protect their wireless systems. Thus, it is quite imperative to train then on the security measures to undertake in order to protect their wireless systems. Most hackers and crackers find their way into other people’s wireless networks due to ignorance of users. Thus, if experts equip these users with strategies of eliminating threats, wireless networks will remain secure. 4.2 Network Auditing Through auditing, users can identify rogue hardware, disjointed access points and wireless functions. This is vital for weak systems such as WEP as tools like Airsnort can correct any existing network anomaly. (Skoudis, 2002, pp. 352-359).
  17. 17. Wireless Network Security Threats 17 5. Conclusion Wireless networks associate with many advantages such as increased productivity and reduced operation costs. Through wireless networks, business opportunities have improved greatly. Today, millions of people work as information technology staff all over the world courtesy of wireless networks. However, with all these numerous benefits, wireless networks encounter deliberate and accidental security threats that lead to information loss or system collapse. Consequently, there is loss of data, confidentiality compromise, interception and disruption of normal processes. If users undertake security measures, they can eliminate these threats and maintain confidentiality.
  18. 18. Wireless Network Security Threats 18 Reference List Gast, M. (2005). 802.11 Wireless Networks: The Definitive Guide. (2nd Ed.). Sebastopol, CA: O’Reilly & Associates. Kelley, D. (2003). The X factor: 802.1x may be just what you need to stop intruders from accessing your network. Information Security, 6(8), 60-69 Krishnamurthy, P., Joseph, K. &Tanapat A. (2002). Security in Wireless Residential Networks. IEEE Transactions on Consumer Electronics, 48(1), 157- 166. Min-kyu, C., Robles, R., Hong, C. & Kim, T. (2008). Wireless Network Security: Vulnerabilities, Threats and Countermeasures. International Journal of Multimedia and Ubiquitous Engineering, 3(3), 77-86. Ross, J. (2008). The Book of Wireless: A Painless Guide to Wi-Fi and Broadband Wireless. (2nd Ed.) San Francisco: No Starch Press. Skoudis, E. (2002). Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses. New Jersey, Upper Saddle River: Prentice Hall. Welch, D. (2003). Wireless Security Threat Taxonomy: Proceedings of the 2003 IEEE. Workshop on Information Assurance. New York: United States Military Academy.

×