FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
WLAN Security
1. Vidya Vardhaka College of Engineering, Mysuru
Department of Computer Science & Engineering
Cryptography, Network Security and
Cyber laws(15CS62)
Module-4:WLAN Security
Gururaj H L
CSE, VVCE, Mysuru
gururaj1711@vvce.ac.in
gururajhl.blogspot.com
2. Brief Background
• A local area network (LAN) with no wires
• Several Wireless LAN (WLAN) standards
802.11 - 1-2 Mbps speed, 2.4Ghz band
802.11b (Wi-Fi) – 11 Mbps speed, 2.4Ghz band
802.11a (Wi-Fi) - 54 Mbps speed, 5Ghz band
802.11g (Wi-Fi) – 54 Mbps speed, 2.4Ghz band
6. Security Challenges and Solutions
• Challenges
Beyond any physical Boundaries
Encryption, Authentication and Integrity
• Basic Security Mechanisms in 802.11
Service Set ID (SSID) – Acts like a shared secret, but sent
in clear.
MAC Address Lists – Modifiable and also sent in clear.
The WEP Algorithm
7. More on WEP
• Stands for Wired Equivalent Privacy
• Designed to encrypt data over radio waves
• Provides 3 critical pieces of security
Confidentiality (Encryption)
Authentication
Integrity
• Uses RC4 encryption algorithm
Symmetric key stream cipher
64-bit shared RC4 keys, 40-bit WEP key, 24-bit plaintext
Initialization Vector (IV)
8. WEP Encryption for Authentication and
Integrity
IV
Secret Key
Seed PRNG
XOR
IV
Ciphertext
Plaintext
CRC-32
Algorithm
Integrity
Check value
Plaintext
Key
Sequence
Message
PRNG – RC4 Pseudorandom number generation algorithm
Data payload
9. WEPAuthentication
2 levels of authentication
“Open” : No authentication
“Shared secret” :
StationA
StationB
Nonce N
E(N, KA-B)
Request for shared key auth.
Authentication response
10. Authentication in 802.11i
Uses 802.1x protocol
Three Entities
• Supplicant (the wireless station)
• Authenticate (The AP in our case)
• Authentication Server
EAP (Extensible Authentication Protocol)
EAPOL (EAP over LANs)
4/23/2020 10
11. Key Agreement in 802.11i
Two types of keys
• Pairwise keys
• Group Key
4/23/2020 11
12. Authentication Methods by EAP
• EAP-MD5
Eavesdropper
• EAP-TLS
Digital Certificates
• EAP-TTLS
• EAP-PEAP
4/23/2020 12
14. Types of Malware
4/23/2020 14
Virus Worms Trojan
Application/ code that
attaches itself to the
application and runs
whenever application runs.
Just like a virus.
It doesn’t modifies the
program. Worm replicates
itself again and again
It doesn’t modifies the
program and doesn’t
replicates.
To modify the program
functionality
It consumes lot of
computer resources, which
makes the system work
slow.
Hidden piece of code
which is intended to leak
your confidential
information.
Example:
File deletion on launching a
media player application.
Example:
While typing the password
it will records the
passwords your typing.
15. SAML
• Security Assertion Markup Language (SAML) is
a standard for logging users into applications
based on their sessions in another context.
• This single sign-on (SSO) login standard has
significant advantages over logging in using
a username/password:
No need to type in credentials
No need to remember and renew passwords
No weak passwords
4/23/2020 15
17. DDoS
A Distributed Denial of Service (DDoS) attack
is an attempt to make an online service
unavailable by overwhelming it with traffic
from multiple sources.
They target a wide variety of important
resources, from banks to news websites, and
present a major challenge to making sure people
can publish and access important information.
4/23/2020 17
19. IDS
• Intrusion Detection System (IDS)
• Intrusion Prevention system (IPS)
Types of Intruders
Masquerader
Misfeasor
Clandestine Users
4/23/2020 19
20. “False Positives and False Negatives”
Primitive methods
Signature based Detection
Anomaly based detection
4/23/2020 20
21. Firewall
• Group of Routers that enforces to filter the
packets between the network (group of
networks)
Allow
Deny
• DMZ(Demilitarized Zone)
• Types of firewalls
Packet Filters
Application Layer Filters
Dynamic Filters
4/23/2020 21