SlideShare a Scribd company logo

chapter 7 -wireless network security.ppt

Download as PPT, PDF
A
abenimelos

chapter 7 -wireless network security.

Education
1 of 24
Chapter -7 Wireless Network Security Compiled by Mikiyas .A 1
Outline Introduction to wireless security Examining wireless LAN vulnerabilities  Understanding WLAN security models  Securing wireless transmission using VPN Wireless security policies 2
Introduction to wireless security A wireless network is any type of computer network that uses wireless data connections for connecting network nodes.  Wireless networks operate using radio frequency technology, a frequency within the electromagnetic spectrum associated with radio wave propagation Concerns for wireless security are similar to those found in a wired environment Security requirements are the same: • Confidentiality, integrity, availability, authenticity, accountability • Most significant source of risk is the underlying communications medium 3
Examining wireless LAN vulnerabilities Over the last twelve years, 802.11 Wireless LAN’s have matured and really reshaped the network landscape. 802.11n is now rapidly replacing Ethernet as the method of network access. The rapid increasement of mobile devices has led to a tremendous need for wireless local area networks (WLAN), deployed in various types of locations, including homes, educational institutions, airports, business offices, government buildings, military facilities, coffee shops, book stores and many other venues. 4
Cont.. However, the increased development of Wireless LAN has increased the potential threats to the home user, small businesses and the corporate world. Unlike a wired network, a WLAN uses radio frequency transmission as the medium for communication. This necessarily exposes layer 1 and layer 2 to whoever can listen into the RF ranges on the network. Wireless insecurity has been a critical issue since Wired Equivalent Privacy (WEP), an IEEE standard security algorithm for wireless networks, was compromised. 5
WLAN VULNERABILITIES Wireless LANs have gained much more popularity than wired networks because of their flexibility, cost-effectiveness and ease of installation.  However, the increasing deployment of WLANs presents the hacker or cracker with more opportunities. Unlike wired networks, WLANs transmit data through the air using radio frequency transmission or infrared. Current wireless technology in use enables an attacker to monitor a wireless network and in the worst case may affect the integrity of the data. 6
WLANs are susceptible to various vulnerabilities due to their inherent characteristics and the technologies they rely on. Some common WLAN vulnerabilities include: Unauthorized Access: WLANs are susceptible to unauthorized access if proper security measures such as strong encryption and authentication protocols are not implemented. Attackers can intercept wireless signals and gain access to the network, potentially compromising sensitive data. Weak Encryption: Weak encryption methods such as WEP (Wired Equivalent Privacy) are vulnerable to various attacks, including packet sniffing and brute force attacks. It's essential to use strong encryption protocols like WPA2 (Wi-Fi Protected Access 2) or WPA3 to mitigate this vulnerability. 7
Denial of Service (DoS) Attacks: WLANs are susceptible to DoS attacks, where attackers flood the network with an excessive amount of traffic, causing it to become unavailable to legitimate users. This can disrupt operations and lead to service outages. Man-in-the-Middle (MitM) Attacks: MitM attacks involve intercepting and possibly altering communication between two parties without their knowledge. In WLANs, attackers can position themselves between the client and the access point, intercepting and manipulating data transmitted between them WPS Vulnerabilities: Wi-Fi Protected Setup (WPS) is designed to simplify the process of connecting devices to a wireless network. However, some implementations of WPS have been found to contain vulnerabilities that can be exploited by attackers to gain access to the network. 8
Cont.. SSID Spoofing: Attackers can set up fake wireless access points with the same Service Set Identifier (SSID) as legitimate networks to trick users into connecting to them. Once connected, attackers can eavesdrop on network traffic or launch further attacks. 9
Understanding WLAN security models Wireless Local Area Network (WLAN) security models are frameworks designed to protect wireless networks from various threats and vulnerabilities. Understanding these models is essential for implementing effective security measures. Here are the key WLAN security models: -WEP (Wired Equivalent Privacy): -WPA (Wi-Fi Protected Access): -WPA2 (Wi-Fi Protected Access 2): -WPA3 (Wi-Fi Protected Access 3): 10
WEP (Wired Equivalent Privacy) WEP (Wired Equivalent Privacy) is one of the earliest security protocols developed for wireless networks, specifically Wireless Local Area Networks (WLANs). However, WEP has several significant vulnerabilities that render it ineffective as a secure encryption method. Here are some key points about WEP: Encryption: WEP encrypts data transmitted over the wireless network using a shared key mechanism. It uses the RC4 encryption algorithm with a 40-bit or 104-bit key size. RC4 (Rivest Cipher 4) is a stream cipher designed by Ron Rivest in 1987. It's one of the most widely used stream ciphers due to its simplicity and speed. 11
Encryption Procedure RC4 1.The user inputs a plain text file and a secret key. 2.The encryption engine then generates the keystream by using KSA and PRGAAlgorithm. 3.This keystream is now XOR with the plain text, this XORing is done byte by byte to produce the encrypted text. 4.The encrypted text is then sent to the intended receiver, the intended receiver will then decrypted the text and after decryption, the receiver will get the original plain text. 12
13
Cont.. Weak keys: It allows an attacker to discover the default key being used by the Access Point and client stations This enables an attacker to decrypt all messages being sent over the encrypted channel. IV (initialization vector) reuse and small size: There are 224 different IVs On a busy network, the IV will surely be reused, if the default key has not been changed and the original message can be retrieved relatively easily. 14
Cont.. Security Flaws: WEP's security flaws became well-known soon after its introduction. Researchers demonstrated that WEP could be cracked within minutes using freely available tools. Replacement: Due to its vulnerabilities, WEP has been largely deprecated and replaced by more secure encryption protocols such as WPA (Wi-Fi Protected Access) and WPA2. 15
WPA (Wi-Fi Protected Access) New technique in 2002 Replacement of security flaws of WEP Improved data encryption Strong user authentication Because of many attacks related to static key, WPA minimize shared secret key in accordance with the frame transmission Use the RC4 algorithm in a proper way and provide fast transfer of the data before someone can decrypt the data. While more secure than WEP, WPA is still susceptible to certain attacks. 16
WPA2 (Wi-Fi Protected Access 2) Based on the IEEE 802.i standard 2 versions: Personal & Enterprise The primary enhancement over WPA is the use of the AES (Advanced Encryption Standard) algorithm The encryption in WPA2 is done by utilizing either AES or TKIP The Personal mode uses a PSK (Pre-shared key) & does not require a separate authentication of users The enterprise mode requires the users to be separately authenticated by using the EAP protocol 17
Cont.. WPA2 has immunity against many types of hacker attacks Man-in-the middle Replay Key collision Weak keys Packet forging Dictionary attacks 18
How to defend when using WPA Passphrases – the only way to crack WPA is to sniff the password PMK associated with the handshake authentication process, and if this password is extremely complicated it will be almost impossible to crack Passphrase Complexity – select a random passphrase that is not made up of dictionary words. Select a complex passphrase of a minimum of 20 characters in length and change it at regular intervals Change router default user name and password 19
Cont.. Change the internal IP subnet if possible Change default name and hide broadcasting of the SSID (Service Set Identifier) None of the attack methods are faster or effective when a larger passphrase is used. Restrict access to your wireless network by filtering access based on the MAC (Media Access Code) addresses Use Encryption 20
Securing wireless transmission using VPN Virtual private network (VPN) is a network that uses a public telecommunication infrastructure, to provide remote offices or individual users with secure access to their organization's network. The VPN follows a client and server approach. For connections to an open network such as a Wi-Fi hotspot and those commonly provided by hotels, Starbucks, McDonalds and so on, a virtual private network (VPN) can be a good security solution to deliver consistent protection over any internet connection and provide end-to-end security on wireless devices. 21
Cont.. The VPN clients and VPN servers are used in three different scenarios 1. Support remote access to an intranet. 2. Support connections between multiple intranets within the same organization. 3. Join networks between two organizations, forming an extranet. 22
Wireless security policies ? Wireless devices and networks enable un-tethered communications to mobile users.  Improperly installed, configured or managed wireless technology presents a significant risk to the confidentiality of information. Wireless network security refers to the protection of wireless network hardware, software, and the information contained in them from threats caused by the inherent vulnerabilities in the technology and its implementation. This policy is to ensure that the deployment of wireless networking is controlled and managed in a centralized way to provide functionality and optimum levels of service whilst maintaining network security. 23
Thank you! 24

Recommended

Data-Centric Routing Protocols in Wireless Sensor Network: A survey
Data-Centric Routing Protocols in Wireless Sensor Network: A surveyData-Centric Routing Protocols in Wireless Sensor Network: A survey
Data-Centric Routing Protocols in Wireless Sensor Network: A survey
Ali Habeeb
 
Wireless broadband
Wireless broadband Wireless broadband
Wireless broadband
John Jasper Fernandez
 
WPA 3
WPA 3WPA 3
WPA 3
diggu22
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
ruledbyrobotics2080
 
Routing information protocol
Routing information protocolRouting information protocol
Routing information protocol
Saranya Parthasarathy
 
Wireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit BhatiaWireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit Bhatia
Arpit Bhatia
 
Wireless repeaters
Wireless repeatersWireless repeaters
Wireless repeaters
Lou Tenoso
 
Routing in Wireless Sensor Networks
Routing in Wireless Sensor NetworksRouting in Wireless Sensor Networks
Routing in Wireless Sensor Networks
sashar86
 

Recommended

Data-Centric Routing Protocols in Wireless Sensor Network: A survey
Data-Centric Routing Protocols in Wireless Sensor Network: A surveyData-Centric Routing Protocols in Wireless Sensor Network: A survey
Data-Centric Routing Protocols in Wireless Sensor Network: A survey
Ali Habeeb
 
Wireless broadband
Wireless broadband Wireless broadband
Wireless broadband
John Jasper Fernandez
 
WPA 3
WPA 3WPA 3
WPA 3
diggu22
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
ruledbyrobotics2080
 
Routing information protocol
Routing information protocolRouting information protocol
Routing information protocol
Saranya Parthasarathy
 
Wireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit BhatiaWireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit Bhatia
Arpit Bhatia
 
Wireless repeaters
Wireless repeatersWireless repeaters
Wireless repeaters
Lou Tenoso
 
Routing in Wireless Sensor Networks
Routing in Wireless Sensor NetworksRouting in Wireless Sensor Networks
Routing in Wireless Sensor Networks
sashar86
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
Ankit Anand
 
Rack documentation template
Rack documentation templateRack documentation template
Rack documentation template
Kamran Arshad
 
Wlan security
Wlan securityWlan security
Wlan security
Upasona Roy
 
VANET
VANETVANET
VANET
gowthami15mca
 
Wlan security
Wlan securityWlan security
Wlan security
Sajan Sahu
 
AAA server
AAA serverAAA server
AAA server
hetvi naik
 
Cdma
CdmaCdma
Cdma
Robert Skowronski
 
Routing protocols in ad hoc network
Routing protocols in ad hoc networkRouting protocols in ad hoc network
Routing protocols in ad hoc network
NIIS Institute of Business Management, Bhubaneswar
 
Network standardization
Network standardizationNetwork standardization
Network standardization
Abinaya B
 
Dect
DectDect
Dect
heatherb51386
 
The cougar approach to in-network query processing in sensor networks
The cougar approach to in-network query processing in sensor networksThe cougar approach to in-network query processing in sensor networks
The cougar approach to in-network query processing in sensor networks
Dilini Muthumala
 
WIRELES NETWORK
WIRELES NETWORKWIRELES NETWORK
WIRELES NETWORK
Ryma Chohan
 
Subnetting
SubnettingSubnetting
Subnetting
Fredrick Hall
 
Intorduction to cellular communication
Intorduction to cellular communicationIntorduction to cellular communication
Intorduction to cellular communication
Zaahir Salam
 
TDMA, FDMA, and CDMA
TDMA, FDMA, and CDMATDMA, FDMA, and CDMA
TDMA, FDMA, and CDMA
Najeeb Khan
 
Types of network
Types of networkTypes of network
Types of network
Vaibhav Madaan
 
Bandwidth
BandwidthBandwidth
Bandwidth
Christopher Brown
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
RK Nayak
 
Lecture notes on mobile communication
Lecture notes on mobile communicationLecture notes on mobile communication
Lecture notes on mobile communication
Inocentshuja Ahmad
 
Wireless network
Wireless networkWireless network
Wireless network
mattglover0
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
Chandrak Trivedi
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
Lindsey Landolfi
 

More Related Content

What's hot

Rack documentation template
Rack documentation templateRack documentation template
Rack documentation template
Kamran Arshad
 

What's hot (20)

Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
 
Rack documentation template
Rack documentation templateRack documentation template
Rack documentation template
 
Wlan security
Wlan securityWlan security
Wlan security
 
VANET
VANETVANET
VANET
 
Wlan security
Wlan securityWlan security
Wlan security
 
AAA server
AAA serverAAA server
AAA server
 
Cdma
CdmaCdma
Cdma
 
Routing protocols in ad hoc network
Routing protocols in ad hoc networkRouting protocols in ad hoc network
Routing protocols in ad hoc network
 
Network standardization
Network standardizationNetwork standardization
Network standardization
 
Dect
DectDect
Dect
 
The cougar approach to in-network query processing in sensor networks
The cougar approach to in-network query processing in sensor networksThe cougar approach to in-network query processing in sensor networks
The cougar approach to in-network query processing in sensor networks
 
WIRELES NETWORK
WIRELES NETWORKWIRELES NETWORK
WIRELES NETWORK
 
Subnetting
SubnettingSubnetting
Subnetting
 
Intorduction to cellular communication
Intorduction to cellular communicationIntorduction to cellular communication
Intorduction to cellular communication
 
TDMA, FDMA, and CDMA
TDMA, FDMA, and CDMATDMA, FDMA, and CDMA
TDMA, FDMA, and CDMA
 
Types of network
Types of networkTypes of network
Types of network
 
Bandwidth
BandwidthBandwidth
Bandwidth
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
 
Lecture notes on mobile communication
Lecture notes on mobile communicationLecture notes on mobile communication
Lecture notes on mobile communication
 
Wireless network
Wireless networkWireless network
Wireless network
 

Similar to chapter 7 -wireless network security.ppt

The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
Lindsey Landolfi
 
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSIS
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSISSECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSIS
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSIS
IJNSA Journal
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Security
phanleson
 
A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK
A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK
A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK
IJNSA Journal
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
ijceronline
 
1Table of Contents.docx
1Table of Contents.docx1Table of Contents.docx
1Table of Contents.docx
felicidaddinwoodie
 

Similar to chapter 7 -wireless network security.ppt (20)

WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
 
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
The Risks and Security Standards of WLAN Technologies: Bluetooth and Wireles...
 
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSIS
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSISSECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSIS
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSIS
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprises
 
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless NetworksLiving in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Security
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Module 6 Wireless Network security
Module 6 Wireless Network securityModule 6 Wireless Network security
Module 6 Wireless Network security
 
A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK
A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK
A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK
 
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
A framework for securing wireless home networks 1
A framework for securing wireless home networks 1A framework for securing wireless home networks 1
A framework for securing wireless home networks 1
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018
 
Wireless Deauth and Disassociation Attacks explained
Wireless Deauth and Disassociation Attacks explainedWireless Deauth and Disassociation Attacks explained
Wireless Deauth and Disassociation Attacks explained
 
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...IJCER (www.ijceronline.com) International Journal of computational Engineerin...
IJCER (www.ijceronline.com) International Journal of computational Engineerin...
 
Viable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be JeopardizedViable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be Jeopardized
 
Analysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkAnalysis Of Security In Wireless Network
Analysis Of Security In Wireless Network
 
1Table of Contents.docx
1Table of Contents.docx1Table of Contents.docx
1Table of Contents.docx
 
White paper - Building Secure Wireless Networks
White paper - Building Secure Wireless NetworksWhite paper - Building Secure Wireless Networks
White paper - Building Secure Wireless Networks
 

Recently uploaded

Including Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdfIncluding Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdf
Association for Project Management
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
EADTU
 
SPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code ExamplesSPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code Examples
Peter Brusilovsky
 
Spring gala 2024 photo slideshow - Celebrating School-Community Partnerships
Spring gala 2024 photo slideshow - Celebrating School-Community PartnershipsSpring gala 2024 photo slideshow - Celebrating School-Community Partnerships
Spring gala 2024 photo slideshow - Celebrating School-Community Partnerships
expandedwebsite
 

Recently uploaded (20)

An Overview of the Odoo 17 Knowledge App
An Overview of the Odoo 17 Knowledge AppAn Overview of the Odoo 17 Knowledge App
An Overview of the Odoo 17 Knowledge App
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
 
How to Send Pro Forma Invoice to Your Customers in Odoo 17
How to Send Pro Forma Invoice to Your Customers in Odoo 17How to Send Pro Forma Invoice to Your Customers in Odoo 17
How to Send Pro Forma Invoice to Your Customers in Odoo 17
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.ppt
 
Including Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdfIncluding Mental Health Support in Project Delivery, 14 May.pdf
Including Mental Health Support in Project Delivery, 14 May.pdf
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
 
Mattingly "AI & Prompt Design: Named Entity Recognition"
Mattingly "AI & Prompt Design: Named Entity Recognition"Mattingly "AI & Prompt Design: Named Entity Recognition"
Mattingly "AI & Prompt Design: Named Entity Recognition"
 
male presentation...pdf.................
male presentation...pdf.................male presentation...pdf.................
male presentation...pdf.................
 
SPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code ExamplesSPLICE Working Group: Reusable Code Examples
SPLICE Working Group: Reusable Code Examples
 
Graduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptxGraduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptx
 
UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024
 
Observing-Correct-Grammar-in-Making-Definitions.pptx
Observing-Correct-Grammar-in-Making-Definitions.pptxObserving-Correct-Grammar-in-Making-Definitions.pptx
Observing-Correct-Grammar-in-Making-Definitions.pptx
 
ESSENTIAL of (CS/IT/IS) class 07 (Networks)
ESSENTIAL of (CS/IT/IS) class 07 (Networks)ESSENTIAL of (CS/IT/IS) class 07 (Networks)
ESSENTIAL of (CS/IT/IS) class 07 (Networks)
 
Đề tieng anh thpt 2024 danh cho cac ban hoc sinh
Đề tieng anh thpt 2024 danh cho cac ban hoc sinhĐề tieng anh thpt 2024 danh cho cac ban hoc sinh
Đề tieng anh thpt 2024 danh cho cac ban hoc sinh
 
PSYPACT- Practicing Over State Lines May 2024.pptx
PSYPACT- Practicing Over State Lines May 2024.pptxPSYPACT- Practicing Over State Lines May 2024.pptx
PSYPACT- Practicing Over State Lines May 2024.pptx
 
Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...
 
Spring gala 2024 photo slideshow - Celebrating School-Community Partnerships
Spring gala 2024 photo slideshow - Celebrating School-Community PartnershipsSpring gala 2024 photo slideshow - Celebrating School-Community Partnerships
Spring gala 2024 photo slideshow - Celebrating School-Community Partnerships
 
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptxAnalyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
 
Book Review of Run For Your Life Powerpoint
Book Review of Run For Your Life PowerpointBook Review of Run For Your Life Powerpoint
Book Review of Run For Your Life Powerpoint
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
 

chapter 7 -wireless network security.ppt

  • 2. Outline Introduction to wireless security Examining wireless LAN vulnerabilities  Understanding WLAN security models  Securing wireless transmission using VPN Wireless security policies 2
  • 3. Introduction to wireless security A wireless network is any type of computer network that uses wireless data connections for connecting network nodes.  Wireless networks operate using radio frequency technology, a frequency within the electromagnetic spectrum associated with radio wave propagation Concerns for wireless security are similar to those found in a wired environment Security requirements are the same: • Confidentiality, integrity, availability, authenticity, accountability • Most significant source of risk is the underlying communications medium 3
  • 4. Examining wireless LAN vulnerabilities Over the last twelve years, 802.11 Wireless LAN’s have matured and really reshaped the network landscape. 802.11n is now rapidly replacing Ethernet as the method of network access. The rapid increasement of mobile devices has led to a tremendous need for wireless local area networks (WLAN), deployed in various types of locations, including homes, educational institutions, airports, business offices, government buildings, military facilities, coffee shops, book stores and many other venues. 4
  • 5. Cont.. However, the increased development of Wireless LAN has increased the potential threats to the home user, small businesses and the corporate world. Unlike a wired network, a WLAN uses radio frequency transmission as the medium for communication. This necessarily exposes layer 1 and layer 2 to whoever can listen into the RF ranges on the network. Wireless insecurity has been a critical issue since Wired Equivalent Privacy (WEP), an IEEE standard security algorithm for wireless networks, was compromised. 5
  • 6. WLAN VULNERABILITIES Wireless LANs have gained much more popularity than wired networks because of their flexibility, cost-effectiveness and ease of installation.  However, the increasing deployment of WLANs presents the hacker or cracker with more opportunities. Unlike wired networks, WLANs transmit data through the air using radio frequency transmission or infrared. Current wireless technology in use enables an attacker to monitor a wireless network and in the worst case may affect the integrity of the data. 6
  • 7. WLANs are susceptible to various vulnerabilities due to their inherent characteristics and the technologies they rely on. Some common WLAN vulnerabilities include: Unauthorized Access: WLANs are susceptible to unauthorized access if proper security measures such as strong encryption and authentication protocols are not implemented. Attackers can intercept wireless signals and gain access to the network, potentially compromising sensitive data. Weak Encryption: Weak encryption methods such as WEP (Wired Equivalent Privacy) are vulnerable to various attacks, including packet sniffing and brute force attacks. It's essential to use strong encryption protocols like WPA2 (Wi-Fi Protected Access 2) or WPA3 to mitigate this vulnerability. 7
  • 8. Denial of Service (DoS) Attacks: WLANs are susceptible to DoS attacks, where attackers flood the network with an excessive amount of traffic, causing it to become unavailable to legitimate users. This can disrupt operations and lead to service outages. Man-in-the-Middle (MitM) Attacks: MitM attacks involve intercepting and possibly altering communication between two parties without their knowledge. In WLANs, attackers can position themselves between the client and the access point, intercepting and manipulating data transmitted between them WPS Vulnerabilities: Wi-Fi Protected Setup (WPS) is designed to simplify the process of connecting devices to a wireless network. However, some implementations of WPS have been found to contain vulnerabilities that can be exploited by attackers to gain access to the network. 8
  • 9. Cont.. SSID Spoofing: Attackers can set up fake wireless access points with the same Service Set Identifier (SSID) as legitimate networks to trick users into connecting to them. Once connected, attackers can eavesdrop on network traffic or launch further attacks. 9
  • 10. Understanding WLAN security models Wireless Local Area Network (WLAN) security models are frameworks designed to protect wireless networks from various threats and vulnerabilities. Understanding these models is essential for implementing effective security measures. Here are the key WLAN security models: -WEP (Wired Equivalent Privacy): -WPA (Wi-Fi Protected Access): -WPA2 (Wi-Fi Protected Access 2): -WPA3 (Wi-Fi Protected Access 3): 10
  • 11. WEP (Wired Equivalent Privacy) WEP (Wired Equivalent Privacy) is one of the earliest security protocols developed for wireless networks, specifically Wireless Local Area Networks (WLANs). However, WEP has several significant vulnerabilities that render it ineffective as a secure encryption method. Here are some key points about WEP: Encryption: WEP encrypts data transmitted over the wireless network using a shared key mechanism. It uses the RC4 encryption algorithm with a 40-bit or 104-bit key size. RC4 (Rivest Cipher 4) is a stream cipher designed by Ron Rivest in 1987. It's one of the most widely used stream ciphers due to its simplicity and speed. 11
  • 12. Encryption Procedure RC4 1.The user inputs a plain text file and a secret key. 2.The encryption engine then generates the keystream by using KSA and PRGAAlgorithm. 3.This keystream is now XOR with the plain text, this XORing is done byte by byte to produce the encrypted text. 4.The encrypted text is then sent to the intended receiver, the intended receiver will then decrypted the text and after decryption, the receiver will get the original plain text. 12
  • 13. 13
  • 14. Cont.. Weak keys: It allows an attacker to discover the default key being used by the Access Point and client stations This enables an attacker to decrypt all messages being sent over the encrypted channel. IV (initialization vector) reuse and small size: There are 224 different IVs On a busy network, the IV will surely be reused, if the default key has not been changed and the original message can be retrieved relatively easily. 14
  • 15. Cont.. Security Flaws: WEP's security flaws became well-known soon after its introduction. Researchers demonstrated that WEP could be cracked within minutes using freely available tools. Replacement: Due to its vulnerabilities, WEP has been largely deprecated and replaced by more secure encryption protocols such as WPA (Wi-Fi Protected Access) and WPA2. 15
  • 16. WPA (Wi-Fi Protected Access) New technique in 2002 Replacement of security flaws of WEP Improved data encryption Strong user authentication Because of many attacks related to static key, WPA minimize shared secret key in accordance with the frame transmission Use the RC4 algorithm in a proper way and provide fast transfer of the data before someone can decrypt the data. While more secure than WEP, WPA is still susceptible to certain attacks. 16
  • 17. WPA2 (Wi-Fi Protected Access 2) Based on the IEEE 802.i standard 2 versions: Personal & Enterprise The primary enhancement over WPA is the use of the AES (Advanced Encryption Standard) algorithm The encryption in WPA2 is done by utilizing either AES or TKIP The Personal mode uses a PSK (Pre-shared key) & does not require a separate authentication of users The enterprise mode requires the users to be separately authenticated by using the EAP protocol 17
  • 18. Cont.. WPA2 has immunity against many types of hacker attacks Man-in-the middle Replay Key collision Weak keys Packet forging Dictionary attacks 18
  • 19. How to defend when using WPA Passphrases – the only way to crack WPA is to sniff the password PMK associated with the handshake authentication process, and if this password is extremely complicated it will be almost impossible to crack Passphrase Complexity – select a random passphrase that is not made up of dictionary words. Select a complex passphrase of a minimum of 20 characters in length and change it at regular intervals Change router default user name and password 19
  • 20. Cont.. Change the internal IP subnet if possible Change default name and hide broadcasting of the SSID (Service Set Identifier) None of the attack methods are faster or effective when a larger passphrase is used. Restrict access to your wireless network by filtering access based on the MAC (Media Access Code) addresses Use Encryption 20
  • 21. Securing wireless transmission using VPN Virtual private network (VPN) is a network that uses a public telecommunication infrastructure, to provide remote offices or individual users with secure access to their organization's network. The VPN follows a client and server approach. For connections to an open network such as a Wi-Fi hotspot and those commonly provided by hotels, Starbucks, McDonalds and so on, a virtual private network (VPN) can be a good security solution to deliver consistent protection over any internet connection and provide end-to-end security on wireless devices. 21
  • 22. Cont.. The VPN clients and VPN servers are used in three different scenarios 1. Support remote access to an intranet. 2. Support connections between multiple intranets within the same organization. 3. Join networks between two organizations, forming an extranet. 22
  • 23. Wireless security policies ? Wireless devices and networks enable un-tethered communications to mobile users.  Improperly installed, configured or managed wireless technology presents a significant risk to the confidentiality of information. Wireless network security refers to the protection of wireless network hardware, software, and the information contained in them from threats caused by the inherent vulnerabilities in the technology and its implementation. This policy is to ensure that the deployment of wireless networking is controlled and managed in a centralized way to provide functionality and optimum levels of service whilst maintaining network security. 23