Developing a Systematic Process for Mobile Surveying and Analysis of WLAN security

Wireless Local Area Network (WLAN), familiarly known as Wi-Fi, is one of the most used wireless networking technologies. WLANs have rapidly grown in popularity since the release of the original IEEE 802.11 WLAN standard in 1997. We are using our beloved wireless internet connection for everything and are connecting more and more devices into our wireless networks in every form imaginable. As the number of wireless network devices keeps increasing, so does the importance of wireless network security. During its now over twenty-year life cycle, a multitude of various security measures and protocols have been introduced into WLAN connections to keep our wireless communication secure. The most notable security measures presented in the 802.11 standard have been the encryption protocols Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). Both encryption protocols have had their share of flaws and vulnerabilities, some of them so severe that the use of WEP and the first generation of the WPA protocol have been deemed irredeemably broken and unfit to be used for WLAN encryption. Even though the aforementioned encryption protocols have been long since deemed fatally broken and insecure, research shows that both can still be found in use today. The purpose of this Master’s Thesis is to develop a process for surveying wireless local area networks and to survey the current state of WLAN security in Finland. The goal has been to develop a WLAN surveying process that would at the same time be efficient, scalable, and easily replicable. The purpose of the survey is to determine to what extent are the deprecated encryption protocols used in Finland. Furthermore, we want to find out in what state is WLAN security currently in Finland by observing the use of other WLAN security practices. The survey process presented in this work is based on a WLAN scanning method called Wardriving. Despite its intimidating name, wardriving is simply a form of passive wireless network scanning. Passive wireless network scanning is used for collecting information about the surrounding wireless networks by listening to the messages broadcasted by wireless network devices. To collect our research data, we conducted wardriving surveys on three separate occasions between the spring of 2019 and early spring of 2020, in a typical medium-sized Finnish city. Our survey results show that 2.2% out of the located networks used insecure encryption protocols and 9.2% of the located networks did not use any encryption protocol. While the percentage of insecure networks is moderately low, we observed during our study that private consumers are reluctant to change the factory-set default settings of their wireless network devices, possibly exposing them to other security threats

Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabilities (WIFI)

The growing volume of attacks on the Internet has increased the demand for more robust systems and sophisticated tools for vulnerability analysis, intrusion detection, forensic investigations, and possible responses. Current hacker tools and technologies warrant reengineering to address cyber crime and homeland security. The being aware of the flaws on a network is necessary to secure the information infrastructure by gathering network topology, intelligence, internal/external vulnerability analysis, and penetration testing. This paper has as main objective to minimize damages and preventing the attackers from exploiting weaknesses and vulnerabilities in the 4 ways handshake (WIFI).We equally present a detail study on various attacks and some solutions to avoid or prevent such attacks in WLAN

IEEE 802.11 i Security and Vulnerabilities

Despite using a variety of comprehensive preventive security measures, the Robust Secure Networks (RSNs) remain vulnerable to a number of attacks. Failure of preventive measures to address all RSN vulnerabilities dictates the need for enhancing the performance of Wireless Intrusion Detection Systems (WIDSs) to detect all attacks on RSNs with less false positive and false negative rates

ANALYZING AND EVALUATING THE SECURITY STANDARDS IN WIRELESS NETWORK: A REVIEW STUDY

Wireless networks used widely in office, home, and public places so security is one of the significant issues to keep the transmitted information safe. The applied security standards have been developed in response to the demand of high security and the developed hardware with software. Currently, the available security standards are (WEP, WPA, WPA2 and under development WPA3). These security standards are different in the offered security level base on the employed authentication method and encryption algorithms. The major objective of this paper is studying security standards and analyzing them based on their features. In addition to presenting a detailed review about WPA3 and its improvements over the older security standards. The conducted evaluations explained the differences among the Wi-Fi security standards in term of the offered security level, software and hardware requirements

A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Wireless Network Security: Challenges, Threats and Solutions. A Critical Review

Abstract: Wireless security is the avoidance of unlawful access or impairment to computers using wireless networks. Securing wireless network has been a research in the past two decades without coming up with prior solution to which security method should be employed to prevent unlawful access of data. The aim of this study was to review some literatures on wireless security in the areas of attacks, threats, vulnerabilities and some solutions to deal with those problems. It was found that attackers (hackers) have different mechanisms to attack the networks through bypassing the security trap developed by organizations and they may use one weak pint to attack the whole network of an organization. However the author suggested using firewall in each wireless access point as the counter measure to protect data of the whole organization not to be attacked

Security in Wireless Local Area Networks (WLANs)

Major research domains in the WLAN security include: access control & data frame protection, lightweight authentication and secure handoff. Access control standard like IEEE 802.11i provides flexibility in user authentication but on the other hand fell prey to Denial of Service (DoS) attacks. For Protecting the data communication between two communicating devices—three standard protocols i.e., WEP (Wired Equivalent Privacy), TKIP (Temporal Key Integrity Protocol) and AES-CCMP (Advanced Encryption Standard—Counter mode with CBC-MAC protocol) are used. Out of these, AES-CCMP protocol is secure enough and mostly used in enterprises. In WLAN environment lightweight authentication is an asset, provided it also satisfies other security properties like protecting the authentication stream or token along with securing the transmitted message. CAPWAP (Control and Provisioning of Wireless Access Points), HOKEY (Hand Over Keying) and IEEE 802.11r are major protocols for executing the secure handoff. In WLANs, handoff should not only be performed within time limits as required by the real time applications but should also be used to transfer safely the keying material for further communication. In this chapter, a comparative study of the security mechanisms under the above-mentioned research domains is provided

Authentication problems and access optimization to information wifi networks

Ensuring security presents a thorny problem because communication in a wireless network uses a shared medium without the benefit of a physical security perimeter. To address this problem wireless security protocols use cryptographic techniques to protect the network but the results have not always been successful. Serious flaws have been discovered in the design, implementation and operation of widely deployed wireless security protocols and attacks developed to exploit these flaws. Our investigation adopts the viewpoint of a hostile adversary to identify and exploit vulnerabilities that remain in wireless security protocols. Purpose-written software tools have been created to facilitate the investigation, conduct attacks and assist in the identification of the underlying causes of the security flaws. Remedial measures are then proposed, implemented and evaluated for the most serious threats. This method is applied to an investigation of the security problems present in both current Land Mobile Radio (LMR) systems and next-generation wireless mesh networks

Scanned Wireless Network Setup Fake Access Point & its Detection

This thesis addresses the topic of development and advancement of the wireless technology. Report described about network monitoring and security issues with advancement in the increase of network bandwidth and user requirements to access the internet. This report mainly focuses on how war driving affects the security of end user. How it can solve problem for infected users who are accessing the internet. The technique is used in wireless environment where all kinds of wireless devices can access internet and can use network resources with high security and better performance. Research on this topic reveals that passive monitoring technique can be used to scan the wireless network without even letting other devices to know that scanning is going on. In this way air traffic can easily be sniffed, which raises many security risks and threats related to sniffing the air traffic in wireless network that can easily reveal the personal identity of the end user who is using the wireless network. I have considered Man-in-the-middle scenario to implement FakeAP where the end user has to compromise its security in order to gain access to the network resources. I have also developed a solution to detect the FakeAP in the network which is misusing the network resources and wrote a program to trace down its location on Google maps