Scribd
Upload
63 views

Wireless Communication Systems Wireless Security

Wireless networks are vulnerable to both passive and active security attacks. Basic security methods like WEP have been cracked, so stronger protocols like WPA2 are now used. Attack types include eavesdropping, spoofing, denial of service, and man-in-the-middle attacks. Developing secure wireless networks requires confidentiality, integrity, authentication, and protecting against both infrastructure and node attacks.

Uploaded by

nabeel hasan
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
63 views

Wireless Communication Systems Wireless Security

Wireless networks are vulnerable to both passive and active security attacks. Basic security methods like WEP have been cracked, so stronger protocols like WPA2 are now used. Attack types include eavesdropping, spoofing, denial of service, and man-in-the-middle attacks. Developing secure wireless networks requires confidentiality, integrity, authentication, and protecting against both infrastructure and node attacks.

Uploaded by

nabeel hasan
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

Wireless Communication Systems

Lecture 12
Wireless security
Wireless Topologies & Demographics

WAN
(Wide Area Network)
2.5G - 3G Phone

MAN
(Metropolitan Area Network)
802.11, 802.16, MMDS, LMDS

LAN
(Local Area Network)
802.11 & HyperLan2

PAN
(Personal Area Network)
Bluetooth
General Characteristics of Wireless Technologies

PAN LAN/WLAN MAN WAN

802.11A,B,G GSM, GPRS,


802.11/802.16
Stds Bluetooth HiperLAN2
MMDS, LMDS
CDMA2000, 2.5-
(Europe) 3G

11 & 54 Mbps (now)


11 to 100+
Speed < 1Mbps 22 & 100Mbps (plans) Mbps
10 to 384Kbps

Medium Medium-Long
Range Short
(1000ft w/o A.) Fixed Last Mi
Long

Peer-to-Peer Home, T1 PDA’s,


Replacement,
Apps Device-to- SOHO, Last Mile Mobile Phones,
Device Enterprise Networks Access Cellular Access
The analog wireless systems have no security, and one can easily
listen in on conversations by scanning the analog frequency band.
All digital cellular systems implement some level of encryption.
However, with enough knowledge, time and determination most
of these encryption methods can be cracked and, indeed, several
have been compromised
Developing a secure network

While developing a secure network, the following needs to be considered.

Confidentiality
It means that the non-authenticated party does not examine the data.
Confidentiality is set of rules that limits access on certain types
of information.

Integrity
It is an guarantee that the data which is received by the receiver has not been
change or Modified after the send by the sender Data integrity refers to
maintaining the accuracy of data over its entire life-cycle
Attacks can be

Attack on the channel


Messages can be eavesdropped and fake messages can be injected
or replayed into the network, without the hurdle of needing physical
access to network
components.

Attack on the nodes


Nodes may not be physically protected, and are therefore more prone
to capture and tamper attacks. If an adversary gets full access to a
node, he can
(i) steal sensitive information,
(ii) reprogram the node and change its behavior, or
(iii) physically damage hardware to terminate the node.
Reasons for more attacks on adhoc networks
than wired networks

Absence of infrastructure
Ad-hoc networks are supposed to operate independently of any fixed
infrastructure.

Dynamically changing topology


The topology of a wireless networks is potentially ever and quickly changing

Availability
The services provided by the network must be always available (often in a
timely manner), despite of any malfunctioning of the system.

Authorization and authentication


Wireless security

• Wireless security is the prevention of unauthorized


access or damage to wireless networks

• The most common types of wireless security are

1. Wired Equivalent Privacy (WEP)


2. Wi-Fi Protected Access (WPA).

8
WEP
• WEP is a weak security standard. The password it uses can often be
cracked in a few minutes with a basic laptop computer and widely
available software tools. WEP is an old IEEE 802.11 standard from 1999,
which was outdated in 2003.
• WEP uses the stream cipher for confidentiality, and the CRC checksum
for integrity

9
WEP Authentication
• Two methods of authentication can be used with WEP:
1. Open System authentication
2. Shared Key authentication.

Available Tools:
There are readily available tools for most attackers to crack the WEP keys.
Airsnort, Yellowjacket, Airfart & others tools take a lot of packets (several
million) to get the WEP key, on most networks this takes longer than most
people are willing to wait (1 or more days). If the network is very busy, the
WEP key can be cracked & obtained within 30 minutes. Because of the WEP
weakness, wireless sniffing & hijacking techniques can work despite the WEP
encrypted turned on

10
Wi-Fi Protected Access (WPA)

• WPA was a quick alternative to improve


security over WEP. The current standard is
WPA2; some hardware cannot support WPA2
without firmware upgrade or replacement

11
Types of Attacks

Attacks can be categories in two types


• Active attacks
• Passive attacks

12
Active attacks

Spoofing
When a malicious node miss-present his identity, so that the sender change the
topology

Modification
When malicious node performs some modification in the routing route, so that
sender sends the message through the long route. This attack cause
communication delay occurred between sender and receiver.

Fabrication
A malicious node generates the false routing message. This means it generate
the incorrect information about the route between devices

13
Active attacks

• Denial of service
A Denial-of-Service attack (DoS) occurs when an attacker continually
bombards a targeted AP with bogus requests, failure messages, and/or other
commands. These cause legitimate users to not be able to get on the network
and may even cause the network to crash.

Network injection
The hacker injects bogus networking re-configuration commands that affect
routers, switches, and intelligent hubs. A whole network can be brought down
in this manner and require rebooting or even reprogramming

14
Passive attacks
Traffic analysis
In the traffic analysis attack, an attacker tries to sense the communication path
between the sender and receiver. An attacker can found the amount of data which
is travel from the route of sender and receiver. There is no modification in data
by the traffic analysis.

Eavesdropping
This is a passive attack, which occurred in the mobile ad-hoc network. The main
aim of this attack is to find out some secret or confidential information from
communication. This secrete information may be privet or public key of sender or
receiver or any secrete data.

Monitoring
In this attack in which attacker can read the confidential data, but he cannot edit
the data or cannot modify the data.

15
Man-in-the-middle attacks
this attack forces AP-connected computers to drop their connections and
reconnect with the hacker’s soft AP

16
Advance attacks

Black hole attack


Black hole attack is one of the advance attacking which attacker uses the
routing protocol to advertise itself as having the best path to the node
whose packets it want to intercept. So that a malicious fake route is create.

Rushing attack
In rushing attack, when sender send packet to the receiver, then attacker alter
the packet and forward to receiver. Attacker performs duplicate sends the
duplicate to the receiver again and again. Receiver assumes that packets come
from sender so the receiver becomes busy continuously.

17
Advanced attacks

Replay attack
It this attack a malicious node may repeat the data. The attacked
intercept the data and retransmit it. At that time, an attacker an
intercept the password

18
Basic Wireless Security Profiles

Open Access Basic Security Enhanced Security


Dynamic Encryption Key
No WEP and Static Encryption Key Scalable Key Managem’t
Broadcast Mode

Public Access
Telecommuter Enterprise

Traveler
Virtual
Public
Private Special Apps./ Business
Network
Network
Security
(VPN) Traveler

You might also like