SlideShare a Scribd company logo
1 of 29
Wireless Network Security
Contents:
 What is Wireless Networking
 What is Wireless Security
 Threats to Wireless Networks
 Parking Lot attack
 Security in WLAN 802.11
 Thoughts on Wireless Security
 Conclusion
Wireless Networking?
 A wireless network is a computer network that uses wireless data
connections between network nodes.
 It provides the flexibility and freedom that wired networks lack.
 The main standards in the wireless world are:
 802.11, which describes the Wireless LAN architecture,
 802.16 which describes the Wireless MAN architecture.
Wireless Security ?
 Access Point(AP):
Allows wireless communication device, such as computers to
connect to a wireless network
 Service set Identifier(SSID):
SSID allows wireless clients to communicate with an
appropriate access point. Only clients with correct SSID can
communicate with the AP
Wireless Security(contd.)?
Reasons why wireless networks are more vulnerable to attacks then a wired network are:
 Channel: Involves broadcast communications, which is far more susceptible to
eavesdropping and jamming than wired networks
 Mobility: Wireless devices are far more portable and mobile than wired devices.
 Accessibility: Wireless devices, such as sensors and robots, may be left unattended
in remote and/or hostile locations.
THREAT TO WIRELESS NETWORKS
Following are the threats to Wireless Networks:
Malicious Association:
A wireless device is configured to appear to be a legitimate access point, and then the operator
penetrates the wired network through a legitimate wireless access point.
Ad hoc Network:
These are peer-to-peer networks between wireless computers with no access point
between them. Such networks can pose a security threat due to a lack of a central point of control.
Identify theft (MAC Spoofing):
This occurs when an attacker is able to eavesdrop on network traffic and identify the MAC
address of a computer with network privileges.
PARKING LOT ATTACK
 Wireless Signals are intercepted outside an organization, or
even through the floors in multi-storey buildings.
 “Parking lot” signifies that the attacker sit in the
organization's parking lot and try to access internal hosts via
the wireless network.
SECURITY IN WLAN 802.11
 802.11 Standard
 802.11 Authentication
 Wired Equivalent Privacy(WEP)
 WEP Weakness
 802.1x: EAP over LAN
 802.11i Standard
802.11 Standard
 The 802.11 IEEE standard was standardized in 1997.
 It consists of three layers: Physical layer, MAC (Medium Access Control) layer, and
LLC (Logical Link Control) layer
 The first version of the standard supported only 2 Mbps bandwidth, which
motivated the developing teams to come up with other standards to support up to
54Mbps
802.11 Standard(contd.)
802.11 Authentication:
 Two types of authentications used: Open System Authentication, Shared Key Authentication.
 Open System Authentication:
 Default authentication protocol for the 802.11 standard.
 Consists of a simple authentication request containing the station ID and an authentication
response containing success or failure data
 Upon successful authentication, both stations are considered mutually authenticated.
Shared Key Authentication:
SHARED KEY AUTHENTICATION FLAW
 Shared key authentication can easily be exploited through a passive attack by
eavesdropping.
 WEP uses RC4 stream cipher as its encryption algorithm.
 If both the plaintext and the cipher text are known, the keystream can be
recovered by simply XORing.
 As a result, the attacker can be authenticated to the access point.
 In the WEP (Wired Equivalent Privacy) standard both of the authentication modes
were supported. In the new security standards, it is not recommended to use
shared key authentication
Wired Equivalent Privacy
 It has 2 goals to achieve for Wireless LAN : confidentiality and integrity.
 It uses Encryption to provide confidentiality.
 It uses CRC(Cyclic Redundancy Check) to provide integrity.
WEP Encryption / Decryption
WEP Weakness
 One of the major reasons behind WEP weaknesses is its key length.
 WEP has a 40-bit key , which can be broken in less than five hours using parallel
attacks with the help of normal computer machines[Brown2003] .
 This issue urged vendors to update WEP from using 40-bit to 104-bit key; the new
release is called WEP2.
 WEP does not support mutual authentication.
 CRC (for integrity) lacks the cryptography feature.
802.1x : EAP Over LAN (EAPOL)
 The 802.1x standard was designed for port base authentication for 802 networks.
 EAP (Extensible authentication Protocol) was designed to support multiple
authentication methods over point to point connections without requiring IP.
 It allows any of the encryption schemes to be implemented on top of it.
EAPOL (contd.)
 802.1x framework define 3 ports or entities:
 Supplicant (client want to be authenticated),
 Authenticator (AP that connect the supplicant to the wired network),
 Authentication Server (performs the authentication process from the supplicant based on
their credentials).
802.11i Standard:
 The 802.11i (released June 2004) security standard is supposed to be the final solution to wireless security
issue.
 It improves authentication, integrity and data transfer.
 After final release the full specification was named as WPA2.
 802.11i enhances 802.11 by providing a Robust Security Network (RSN) with two new protocols: the four-
way handshake and the group key handshake.
Four-way handshake:
 AP – Access Point
 STA – Client Station
 PTK – Pairwise Transient Key 64 Bytes (generated by
concatenating PMK, AP nonce (ANonce), STA nonce (SNonce),
AP MAC address, and STA MAC address. The product is then
put through a pseudo-random function.).
 GTK – Group Temporal Key 32 Bytes(used to decrypt multicast
and broadcast message)
 MIC – Message Integrity Code
Group Key Handshake
 The Group Temporal Key (GTK) used in the network may need to be updated due to
the expiration of a preset timer.
 To handle the updating, 802.11i defines a Group Key Handshake that consists of a
two-way handshake:
 The AP sends the new GTK to each STA in the network.
 The GTK is encrypted using the KEK assigned to that STA, and protects the data from
tampering, by use of a MIC.
 The STA acknowledges the new GTK and replies to the AP.
802.11i (contd.)
 To improve data transfer, 802.11i specifies three protocols: TKIP, CCMP and WRAP.
 TKIP (Temporal Key Integrity Management) was introduced as a "band-aid" solution to
WEP problems.
 TKIP provides per-packet key mixing, a message integrity check and a re-keying
mechanism.
 TKIP ensures that every data packet is sent with its own unique encryption key.
802.11i (contd.)
 WRAP (Wireless Robust Authenticated Protocol) is the LAN implementation of the AES
encryption.
 WRAP has intellectual property issues, where three parties have filed for its patent. This
problem caused IEEE to replace it with CCMP
 CCMP (Counter with Cipher Block Chaining Message Authentication Code Protocol) is
considered the optimal solution for secure data transfer under 802.11i.
 CCMP uses AES for encryption.
THOUGHTS ON WIRELESS SECURITY:
WIRELESS SECURITY MEASURES
We can group wireless security measures into those dealing with:
• Wireless Transmissions(threats involves eavesdropping, altering or inserting
messages, and disruption.)
• Wireless Networks
SECURING WIRELESS
TRANSMISSION:
To deal with threats of Wireless Transmission, following two measures can be adopted:
 Signal-hiding technique:
 Involves turning off service set identifier (SSID) broadcasting by wireless access points
 Assigning cryptic names to SSIDs
 Reducing signal strength to the lowest level
 Encryption:
Encryption of all wireless transmission is effective against eavesdropping to the extent that
the encryption keys are secured.
SECURING WIRELESS NETWORK:
Following techniques can be adopted to secure wireless networks:
 Use encryption. Wireless routers are typically equipped with built-in encryption
mechanisms for router-to-router traffic.
 Use antivirus and antispyware software, and a firewall.
 Turn off identifier broadcasting.
 Allow only specific computers to access your wireless network.
“
”
THANK YOU

More Related Content

What's hot (20)

Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Iot architecture
Iot architectureIot architecture
Iot architecture
 
OSI Model
OSI ModelOSI Model
OSI Model
 
Web Security
Web SecurityWeb Security
Web Security
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Internet of Things - module 1
Internet of Things -  module 1Internet of Things -  module 1
Internet of Things - module 1
 
Mobile security
Mobile securityMobile security
Mobile security
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architecture
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
W-LAN (Wireless Local Area Network)
W-LAN (Wireless Local Area Network)W-LAN (Wireless Local Area Network)
W-LAN (Wireless Local Area Network)
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Cloud of things (IoT + Cloud Computing)
Cloud of things (IoT + Cloud Computing)Cloud of things (IoT + Cloud Computing)
Cloud of things (IoT + Cloud Computing)
 
Network Layer design Issues.pptx
Network Layer design Issues.pptxNetwork Layer design Issues.pptx
Network Layer design Issues.pptx
 
Ip address and subnetting
Ip address and subnettingIp address and subnetting
Ip address and subnetting
 
Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
IEEE 802.11 Architecture and Services
IEEE 802.11 Architecture and ServicesIEEE 802.11 Architecture and Services
IEEE 802.11 Architecture and Services
 
Types of firewall
Types of firewallTypes of firewall
Types of firewall
 
IP Security
IP SecurityIP Security
IP Security
 

Similar to Wireless network security

Chapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptxChapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptxAmanuelZewdie4
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_kRama Krishna M
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSreekanth GS
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11bguestd7b627
 
4 wifi security
4 wifi security4 wifi security
4 wifi securityal-sari7
 
Wireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by VijayWireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by Vijaythevijayps
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesMichael Boman
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-accessbhanu4ugood1
 
Hacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonHacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonOWASP Delhi
 
WLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALAWLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALASaikiran Panjala
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Wireless security837
Wireless security837Wireless security837
Wireless security837mark scott
 
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Dr. Amarjeet Singh
 

Similar to Wireless network security (20)

Chapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptxChapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptx
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
 
Wi Fi Technology
Wi Fi TechnologyWi Fi Technology
Wi Fi Technology
 
Wireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by VijayWireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by Vijay
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best Practices
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-access
 
Hacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonHacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh Jadon
 
Wireless lan security(10.8)
Wireless lan security(10.8)Wireless lan security(10.8)
Wireless lan security(10.8)
 
WLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALAWLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALA
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
 
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
 
Wireless security
Wireless securityWireless security
Wireless security
 
Y36146148
Y36146148Y36146148
Y36146148
 

Recently uploaded

INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseCeline George
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfPrerana Jadhav
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxVanesaIglesias10
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptxmary850239
 
Congestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationCongestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationdeepaannamalai16
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxSayali Powar
 
Multi Domain Alias In the Odoo 17 ERP Module
Multi Domain Alias In the Odoo 17 ERP ModuleMulti Domain Alias In the Odoo 17 ERP Module
Multi Domain Alias In the Odoo 17 ERP ModuleCeline George
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfVanessa Camilleri
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Developmentchesterberbo7
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmStan Meyer
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...Nguyen Thanh Tu Collection
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSMae Pangan
 

Recently uploaded (20)

INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 Database
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdf
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of EngineeringFaculty Profile prashantha K EEE dept Sri Sairam college of Engineering
Faculty Profile prashantha K EEE dept Sri Sairam college of Engineering
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx4.11.24 Mass Incarceration and the New Jim Crow.pptx
4.11.24 Mass Incarceration and the New Jim Crow.pptx
 
Congestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentationCongestive Cardiac Failure..presentation
Congestive Cardiac Failure..presentation
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
 
Multi Domain Alias In the Odoo 17 ERP Module
Multi Domain Alias In the Odoo 17 ERP ModuleMulti Domain Alias In the Odoo 17 ERP Module
Multi Domain Alias In the Odoo 17 ERP Module
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Development
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 

Wireless network security

  • 2. Contents:  What is Wireless Networking  What is Wireless Security  Threats to Wireless Networks  Parking Lot attack  Security in WLAN 802.11  Thoughts on Wireless Security  Conclusion
  • 3. Wireless Networking?  A wireless network is a computer network that uses wireless data connections between network nodes.  It provides the flexibility and freedom that wired networks lack.  The main standards in the wireless world are:  802.11, which describes the Wireless LAN architecture,  802.16 which describes the Wireless MAN architecture.
  • 4. Wireless Security ?  Access Point(AP): Allows wireless communication device, such as computers to connect to a wireless network  Service set Identifier(SSID): SSID allows wireless clients to communicate with an appropriate access point. Only clients with correct SSID can communicate with the AP
  • 5. Wireless Security(contd.)? Reasons why wireless networks are more vulnerable to attacks then a wired network are:  Channel: Involves broadcast communications, which is far more susceptible to eavesdropping and jamming than wired networks  Mobility: Wireless devices are far more portable and mobile than wired devices.  Accessibility: Wireless devices, such as sensors and robots, may be left unattended in remote and/or hostile locations.
  • 7. Following are the threats to Wireless Networks: Malicious Association: A wireless device is configured to appear to be a legitimate access point, and then the operator penetrates the wired network through a legitimate wireless access point. Ad hoc Network: These are peer-to-peer networks between wireless computers with no access point between them. Such networks can pose a security threat due to a lack of a central point of control. Identify theft (MAC Spoofing): This occurs when an attacker is able to eavesdrop on network traffic and identify the MAC address of a computer with network privileges.
  • 8. PARKING LOT ATTACK  Wireless Signals are intercepted outside an organization, or even through the floors in multi-storey buildings.  “Parking lot” signifies that the attacker sit in the organization's parking lot and try to access internal hosts via the wireless network.
  • 9. SECURITY IN WLAN 802.11  802.11 Standard  802.11 Authentication  Wired Equivalent Privacy(WEP)  WEP Weakness  802.1x: EAP over LAN  802.11i Standard
  • 10. 802.11 Standard  The 802.11 IEEE standard was standardized in 1997.  It consists of three layers: Physical layer, MAC (Medium Access Control) layer, and LLC (Logical Link Control) layer  The first version of the standard supported only 2 Mbps bandwidth, which motivated the developing teams to come up with other standards to support up to 54Mbps
  • 12. 802.11 Authentication:  Two types of authentications used: Open System Authentication, Shared Key Authentication.  Open System Authentication:  Default authentication protocol for the 802.11 standard.  Consists of a simple authentication request containing the station ID and an authentication response containing success or failure data  Upon successful authentication, both stations are considered mutually authenticated.
  • 14. SHARED KEY AUTHENTICATION FLAW  Shared key authentication can easily be exploited through a passive attack by eavesdropping.  WEP uses RC4 stream cipher as its encryption algorithm.  If both the plaintext and the cipher text are known, the keystream can be recovered by simply XORing.  As a result, the attacker can be authenticated to the access point.  In the WEP (Wired Equivalent Privacy) standard both of the authentication modes were supported. In the new security standards, it is not recommended to use shared key authentication
  • 15. Wired Equivalent Privacy  It has 2 goals to achieve for Wireless LAN : confidentiality and integrity.  It uses Encryption to provide confidentiality.  It uses CRC(Cyclic Redundancy Check) to provide integrity.
  • 16. WEP Encryption / Decryption
  • 17. WEP Weakness  One of the major reasons behind WEP weaknesses is its key length.  WEP has a 40-bit key , which can be broken in less than five hours using parallel attacks with the help of normal computer machines[Brown2003] .  This issue urged vendors to update WEP from using 40-bit to 104-bit key; the new release is called WEP2.  WEP does not support mutual authentication.  CRC (for integrity) lacks the cryptography feature.
  • 18. 802.1x : EAP Over LAN (EAPOL)  The 802.1x standard was designed for port base authentication for 802 networks.  EAP (Extensible authentication Protocol) was designed to support multiple authentication methods over point to point connections without requiring IP.  It allows any of the encryption schemes to be implemented on top of it.
  • 19. EAPOL (contd.)  802.1x framework define 3 ports or entities:  Supplicant (client want to be authenticated),  Authenticator (AP that connect the supplicant to the wired network),  Authentication Server (performs the authentication process from the supplicant based on their credentials).
  • 20. 802.11i Standard:  The 802.11i (released June 2004) security standard is supposed to be the final solution to wireless security issue.  It improves authentication, integrity and data transfer.  After final release the full specification was named as WPA2.  802.11i enhances 802.11 by providing a Robust Security Network (RSN) with two new protocols: the four- way handshake and the group key handshake.
  • 21. Four-way handshake:  AP – Access Point  STA – Client Station  PTK – Pairwise Transient Key 64 Bytes (generated by concatenating PMK, AP nonce (ANonce), STA nonce (SNonce), AP MAC address, and STA MAC address. The product is then put through a pseudo-random function.).  GTK – Group Temporal Key 32 Bytes(used to decrypt multicast and broadcast message)  MIC – Message Integrity Code
  • 22. Group Key Handshake  The Group Temporal Key (GTK) used in the network may need to be updated due to the expiration of a preset timer.  To handle the updating, 802.11i defines a Group Key Handshake that consists of a two-way handshake:  The AP sends the new GTK to each STA in the network.  The GTK is encrypted using the KEK assigned to that STA, and protects the data from tampering, by use of a MIC.  The STA acknowledges the new GTK and replies to the AP.
  • 23. 802.11i (contd.)  To improve data transfer, 802.11i specifies three protocols: TKIP, CCMP and WRAP.  TKIP (Temporal Key Integrity Management) was introduced as a "band-aid" solution to WEP problems.  TKIP provides per-packet key mixing, a message integrity check and a re-keying mechanism.  TKIP ensures that every data packet is sent with its own unique encryption key.
  • 24. 802.11i (contd.)  WRAP (Wireless Robust Authenticated Protocol) is the LAN implementation of the AES encryption.  WRAP has intellectual property issues, where three parties have filed for its patent. This problem caused IEEE to replace it with CCMP  CCMP (Counter with Cipher Block Chaining Message Authentication Code Protocol) is considered the optimal solution for secure data transfer under 802.11i.  CCMP uses AES for encryption.
  • 25. THOUGHTS ON WIRELESS SECURITY:
  • 26. WIRELESS SECURITY MEASURES We can group wireless security measures into those dealing with: • Wireless Transmissions(threats involves eavesdropping, altering or inserting messages, and disruption.) • Wireless Networks
  • 27. SECURING WIRELESS TRANSMISSION: To deal with threats of Wireless Transmission, following two measures can be adopted:  Signal-hiding technique:  Involves turning off service set identifier (SSID) broadcasting by wireless access points  Assigning cryptic names to SSIDs  Reducing signal strength to the lowest level  Encryption: Encryption of all wireless transmission is effective against eavesdropping to the extent that the encryption keys are secured.
  • 28. SECURING WIRELESS NETWORK: Following techniques can be adopted to secure wireless networks:  Use encryption. Wireless routers are typically equipped with built-in encryption mechanisms for router-to-router traffic.  Use antivirus and antispyware software, and a firewall.  Turn off identifier broadcasting.  Allow only specific computers to access your wireless network.

Editor's Notes

  1. ACCESS POINT A wireless access point (AP) is a hardware device that allows wireless communication devices, such as PDAs and mobile computers, to connect to a wireless network. Usually, an AP connects to a wired network, and provides a bridge for data communication between wireless and wired devices. Service set Identifier (SSID) A Service Set Identifier (SSID) is a configurable identification that allows wireless clients to communicate with an appropriate access point. With proper configuration, only clients with correct SSID can communicate with the access points. In effect, SSID acts as a single shared password between access points and clients
  2. “PARKING LOT" ATTACK Access points emit radio signals in a circular pattern, and the signals almost always extend beyond the physical boundaries of the area they intend to cover. Signals can be intercepted outside buildings, or even through the floors in multi-storey buildings. As a result, attackers can implement a "parking lot" attack, where they actually sit in the organisation’s parking lot and try to access internal hosts via the wireless network. They are now through the firewall, and have the same level of network access as trusted employees within the corporation. An attacker may also fool legitimate wireless clients into connecting to the attacker’s own network by placing a unauthorised access point with a stronger signal in close proximity to wireless clients. The aim is to capture end-user passwords or other sensitive data when users attempt to log on these rogue servers.
  3. PHYSICAL LAYER The lowest layer of the IEEE 802 reference model is the physical layer, which includes such functions as encoding/decoding of signals and bit transmission/reception. In addition, the physical layer includes a specification of the transmission medium. In the case of IEEE 802.11, the physical layer also defines frequency bands and antenna characteristics. MEDIA ACCESS CONTROL All LANs consist of collections of devices that share the network’s transmission capacity. Some means of controlling access to the transmission medium is needed to provide an orderly and efficient use of that capacity. This is the function of a media access control (MAC) layer. The MAC layer receives data from a higher-layer protocol, typically the Logical Link Control (LLC) layer, in the form of a block of data known as the MAC service data unit (MSDU). LOGICAL LINK CONTROL In most data-link control protocols, the data-link protocol entity is responsible not only for detecting errors using the CRC, but for recovering from those errors by retransmitting damaged frames. In the LAN protocol architecture, these two functions are split between the MAC and LLC layers. The MAC layer is responsible for detecting errors and discarding any frames that contain errors. The LLC layer optionally keeps track of which frames have been successfully received and retransmits unsuccessful frames.
  4. To allow clients to access the network they must be go through two steps: getting authenticated by the AP, then getting associated. There are two types of authentications used: Shared Key Authentication and Open System Authentication. Open System Authentication is the default authentication protocol for the 802.11 standard. It consists of a simple authentication request containing the station ID and an authentication response containing success or failure data. Upon successful authentication, both stations are considered mutually authenticated.
  5. Here shared key authentication is shown in diagram When the client wants to connect to the Access Point (AP), it sends a request. Upon that request the AP sends a challenge packet in clear text (unencrypted). The client then encrypt it with its WEP key and sends it back. The AP tries to decrypt the message using its WEP key. If the decryption process succeeded that means the client is an authenticated user, otherwise the access is denied. In this case if someone is sniffing the traffic, they will get a copy of the encrypted and clear text versions of the message. Although Open System Authentication does not offer any kind of authentication, it is more secure. The reason behind the last statement is that Open System Authentication does not expose the WEP key to traffic sniffers.3
  6. SHARED KEY AUTHENTICATION FLAW Shared key authentication can easily be exploited through a passive attack by eavesdropping on both the challenge and the response between the access point and the authenticating client. Such an attack is possible because the attacker can capture both the plaintext and the cipher text. WEP uses the RC4 stream cipher as its encryption algorithm. A stream cipher works by generating a keystream, i.e. a sequence of pseudo-random bits. The keystream is then XORed against the plaintext to produce the cipher text. If both the plaintext and the ciphertext are known, the keystream can be recovered by simply XORing the plaintext and the ciphertext together. The recovered keystream can then be used by the attacker to encrypt any subsequent challenge text generated by the access point. As a result, the attacker can be authenticated to the access point. In the WEP (Wired Equivalent Privacy) standard both of the authentication modes were supported. In the new security standards, it is not recommended to use shared key authentication
  7. WEP has three goals to achieve for wireless LAN: confidentiality, availability and integrity [Earle2005] . WEP is now considered insecure for many reasons, nonetheless it served its purpose for a certain amount of time. WEP uses CRC (Cyclical Redundancy Checking) to verify message integrity. On the other side (receiver: AP) the decryption process is the same but reversed.
  8. WEP uses encryption to provide confidentiality. The encryption process is only between the client and the AP, meaning that packet transfers after the AP (wired LAN) are unencrypted. WEP uses RC4 (discussed earlier) for the encryption purposes. Since RC4 is a stream cipher it needs a seed value to start its key stream generator. This seed is called IV (Initialization Vector). The IV and the shared WEP key are used to encrypt/decrypt transferred packets . In the encryption process, the Integrity check (IC) value is computed and attached to the payload, then the payload is XORed with the encryption key consisting of two sections (IV and WEP Key). The packet is then forwarded with the IV value sent in plain text . WEP uses CRC (Cyclical Redundancy Checking) to verify message integrity. On the other side (receiver: AP) the decryption process is the same but reversed. The AP uses the IV value sent in plain text to decrypt the message by joining it with the shared WEP key. To get a better understanding of the operation, Fig. 14 below shows both encryption and decryption process between the client and AP.
  9. WEP is now considered insecure for many reasons, nonetheless it served its purpose for a certain amount of time. In the previous section we have described the way the WEP security protocol operates and the main features or properties it possesses. In the following section we will go through WEP weaknesses and flaws. One of the major reasons behind WEP weaknesses is its key length. WEP has a 40-bit key , which can be broken in less than five hours using parallel attacks with the help of normal computer machines[Brown2003] . This issue urged vendors to update WEP from using 40-bit to 104-bit key; the new release is called WEP2. This The main disadvantage of WEP however, is the lack of key management.. Some SOHO users (Small Office/ Home Office) never change their WEP key, which once known the whole system is in jeopardy. In addition to that, WEP does not support mutual authentication. It only authenticates the client, making it open to rouge AP attacks. Another issue is the use of CRC to ensure integrity. While CRC is a good integrity provision standard, it lacks the cryptography feature. CRC is known to be linear. By using a form of induction, knowing enough data (encrypted packets) and acquiring specific plaintext, the WEP key can be resolved [Brown2003] .
  10. The 802.1x standard was designed for port base authentication for 802 networks. 802.1x does not care what encryption techniques is used, it is only used to authenticate users. EAP (Extensible authentication Protocol) was designed to support multiple authentication methods over point to point connections without requiring IP . EAP allows any of the encryption schemes to be implemented on top of it, adding flexibility to the security design module. EAPOL (EAP over LAN) is EAP's implementation for LANs[EAPOL] .
  11. The authentication server in the 802.1x framework uses RADIUS (Remote Authentication Dial-In User Service) protocol to provide AAA (Authentication, Authorization and Accounting) service for network clients [RADIUS][Imai2006] . The protocol creates an encrypted tunnel between the AS (Authentication Server) and the Authenticator (AP). Authentication messages are exchanged inside the tunnel to determine if the client has access to the network or not.
  12. Due to the market need of a better substitute to WEP vendors (WiFi Alliance) took a subset of it and market the new product before the final release under the name WPA (WiFi Protected Access), which was released in April 2003. After the final release of 802.11i the vendors implemented the full specifications under the name WPA2.
  13. The four-way handshake is designed so that the access point (or authenticator) and wireless client (or supplicant) can independently prove to each other that they know the PSK(Pre Shared Key)/PMK (Pair Wise Master Key), without ever disclosing the key. Instead of disclosing the key, the access point (AP) and client encrypt messages to each other—that can only be decrypted by using the PMK that they already share—and if decryption of the messages was successful, this proves knowledge of the PMK. The actual messages exchanged during the handshake are depicted in the figure and explained below (all messages are sent as EAPOL-Key frames): The AP sends a nonce-value (ANonce) to the STA together with a Key Replay Counter, which is a number that is used to match each pair of messages sent, and discard replayed messages. The STA now has all the attributes to construct the PTK. The STA sends its own nonce-value (SNonce) to the AP together with a Message Integrity Code (MIC), including authentication, which is really a Message Authentication and Integrity Code (MAIC), and the Key Replay Counter which will be the same as Message 1, to allow AP to match the right Message 1. The AP verifies Message 2, by checking MIC, RSN, ANonce and Key Replay Counter Field, and if valid constructs and sends the GTK with another MIC. The STA verifies Message 3, by checking MIC and Key Replay Counter Field, and if valid sends a confirmation to the AP.
  14. The Group Temporal Key (GTK) used in the network may need to be updated due to the expiration of a preset timer. When a device leaves the network, the GTK also needs to be updated. This is to prevent the device from receiving any more multicast or broadcast messages from the AP. To handle the updating, 802.11i defines a Group Key Handshake that consists of a two-way handshake: The AP sends the new GTK to each STA in the network. The GTK is encrypted using the KEK assigned to that STA, and protects the data from tampering, by use of a MIC. The STA acknowledges the new GTK and replies to the AP.
  15. To improve data transfer, 802.11i specifies three protocols: TKIP, CCMP and WRAP. TKIP (Temporal Key Integrity Management) was introduced as a "band-aid" solution to WEP problems[ Brown2003] . One of the major advantages of implementing TKIP is that you do not need to update the hardware of the devices to run it. Simple firmware/software upgrade is enough.Unlike WEP, TKIP provides per-packet key mixing, a message integrity check and a re-keying mechanism [ TKIP] . TKIP ensures that every data packet is sent with its own unique encryption key. TKIP is included in 802.11i mainly for backward compatibility.
  16. WRAP (Wireless Robust Authenticated Protocol) is the LAN implementation of the AES encryption standard introduced earlier. It was ported to wireless to get the benefits of AES encryption. WRAP has intellectual property issues, where three parties have filed for its patent. This problem caused IEEE to replace it with CCMP. CCMP (Counter with Cipher Block Chaining Message Authentication Code Protocol) is considered the optimal solution for secure data transfer under 802.11i. CCMP uses AES for encryption. The use of AES will require a hardware upgrade to support the new encryption algorithm.
  17. Signal- hiding technique-Organizations can take a number of measures to make it more difficult for an attacker to locate their wireless access points, including turning off service set identifier (SSID) broadcasting by wireless access points; assigning cryptic names to SSIDs; reducing signal strength to the lowest level that still provides requisite coverage; and locating wireless access points in the interior of the building, away from windows and exterior walls. Greater security can be achieved by the use of directional antennas and of signal-shielding techniques.
  18. 1.Use encryption. Wireless routers are typically equipped with built-in encryption mechanisms for router-to-router traffic. 2. Use antivirus and antispyware software, and a firewall. These facilities should be enabled on all wireless network endpoints. 3. Turn off identifier broadcasting. Wireless routers are typically configured to broadcast an identifying signal so that any device within range can learn of the router’s existence. If a network is configured so that authorized devices know the identity of routers, this capability can be disabled, so as to thwart attackers. 4. Allow only specific computers to access your wireless network. A router can be configured to only communicate with approved MAC addresses. Of course, MAC addresses can be spoofed, so this is just one element of a security strategy.