From Map to Dist: the Evolution of a Large-Scale Wlan Monitoring System

The edge of the Internet is increasingly becoming wireless. Therefore, monitoring the wireless edge is important to understanding the security and performance aspects of the Internet experience. We have designed and implemented a large-scale WLAN monitoring system, the Distributed Internet Security Testbed (DIST), at Dartmouth College. It is equipped with distributed arrays of “sniffers” that cover 210 diverse campus locations and more than 5,000 users. In this paper, we describe our approach, designs and solutions for addressing the technical challenges that have resulted from efficiency, scalability, security, and management perspectives. We also present extensive evaluation results on a production network, and summarize the lessons learned

An investigation into the deployment of IEEE 802.11 networks

Currently, the IEEE 802.11 standard is the leading technology in the Wireless Local Area Network (WLAN) market. It provides flexibility and mobility to users, which in turn, increase productivity. Opposed to traditional fixed Local Area Network (LAN) technologies, WLANs are easier to deploy and have lower installation costs. Unfortunately, there are problems inherent within the technology and standard that inhibits its performance. Technological problems can be attributed to the physical medium of a WLAN, the electromagnetic (EM) wave. Standards based problems include security issues and the MAC layer design. However the impact of these problems can be mitigated with proper planning and design of the WLAN. To do this, an understanding of WLAN issues and the use of WLAN software tools are necessary. This thesis discusses WLAN issues such as security and electromagnetic wave propagation and introduces software that can aid the planning, deployment and maintenance of a WLAN. Furthermore the planning, implementation and auditing phases of a WLAN lifecylce are discussed. The aim being to provide an understanding of the complexities involved to deploy and maintain a secure and reliable WLAN

Wireless intrusion detection system using fingerprinting

Wireless network is the network which is easy to deploy and very easy to access that network and that network is user friendly. The main reason behind of getting popular is because it provide benefits, like as easy to installation, flexibility, mobility, scalability and reduced cost-of-ownership. But drawback in these wireless networks is that it doesn't provide security as much as required, due to that user faces attacks of various types which are damageable to user information. One of the serious attack is Identity based attacks which steals the identity of some other user in that network and performed some other attack. The available present security tools to detect such these identity(spoofed MAC) based attacks are quite limited. In this proposed work a new technique is developed for detecting masquerade(identity) attacks or spoofed MAC attack exploited in 802.11 wireless network. Current methods of device fingerprinting includes only probe request packets fingerprinting, which results in large amount of false positive. In our proposed work fingerprint is created on basis of three frames which are required in three section of connectivity phase and that frames are probe request frame, authentication frame and association frame. Time differences between consecutive frames are take into consideration and on the basis of that fingerprint is created of different device. In this proposed technique cross-correlation method is used to estimate the signals similarity in terms of time lagging to each other. Those signals are captured by different devices. Stored signature of actual device and captured signal of transmitting device is compared using this technique and after that result analysis, identification of device is done

Energy Efficient Security Framework for Wireless Local Area Networks

Wireless networks are susceptible to network attacks due to their inherentvulnerabilities. The radio signal used in wireless transmission canarbitrarily propagate through walls and windows; thus a wireless networkperimeter is not exactly known. This leads them to be more vulnerable toattacks such as eavesdropping, message interception and modifications comparedto wired-line networks. Security services have been used as countermeasures toprevent such attacks, but they are used at the expense of resources that arescarce especially, where wireless devices have a very limited power budget.Hence, there is a need to provide security services that are energy efficient.In this dissertation, we propose an energy efficient security framework. Theframework aims at providing security services that take into account energyconsumption. We suggest three approaches to reduce the energy consumption ofsecurity protocols: replacement of standard security protocol primitives thatconsume high energy while maintaining the same security level, modification ofstandard security protocols appropriately, and a totally new design ofsecurity protocol where energy efficiency is the main focus. From ourobservation and study, we hypothesize that a higher level of energy savings isachievable if security services are provided in an adjustable manner. Wepropose an example tunable security or TuneSec system, which allows areasonably fine-grained security tuning to provide security services at thewireless link level in an adjustable manner.We apply the framework to several standard security protocols in wirelesslocal area networks and also evaluate their energy consumption performance.The first and second methods show improvements of up to 70% and 57% inenergy consumption compared to plain standard security protocols,respectively. The standard protocols can only offer fixed-level securityservices, and the methods applied do not change the security level. The thirdmethod shows further improvement compared to fixed-level security by reducing(about 6% to 40%) the energy consumed. This amount of energy saving can bevaried depending on the configuration and security requirements

Developing a Systematic Process for Mobile Surveying and Analysis of WLAN security

Wireless Local Area Network (WLAN), familiarly known as Wi-Fi, is one of the most used wireless networking technologies. WLANs have rapidly grown in popularity since the release of the original IEEE 802.11 WLAN standard in 1997. We are using our beloved wireless internet connection for everything and are connecting more and more devices into our wireless networks in every form imaginable. As the number of wireless network devices keeps increasing, so does the importance of wireless network security. During its now over twenty-year life cycle, a multitude of various security measures and protocols have been introduced into WLAN connections to keep our wireless communication secure. The most notable security measures presented in the 802.11 standard have been the encryption protocols Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). Both encryption protocols have had their share of flaws and vulnerabilities, some of them so severe that the use of WEP and the first generation of the WPA protocol have been deemed irredeemably broken and unfit to be used for WLAN encryption. Even though the aforementioned encryption protocols have been long since deemed fatally broken and insecure, research shows that both can still be found in use today. The purpose of this Master’s Thesis is to develop a process for surveying wireless local area networks and to survey the current state of WLAN security in Finland. The goal has been to develop a WLAN surveying process that would at the same time be efficient, scalable, and easily replicable. The purpose of the survey is to determine to what extent are the deprecated encryption protocols used in Finland. Furthermore, we want to find out in what state is WLAN security currently in Finland by observing the use of other WLAN security practices. The survey process presented in this work is based on a WLAN scanning method called Wardriving. Despite its intimidating name, wardriving is simply a form of passive wireless network scanning. Passive wireless network scanning is used for collecting information about the surrounding wireless networks by listening to the messages broadcasted by wireless network devices. To collect our research data, we conducted wardriving surveys on three separate occasions between the spring of 2019 and early spring of 2020, in a typical medium-sized Finnish city. Our survey results show that 2.2% out of the located networks used insecure encryption protocols and 9.2% of the located networks did not use any encryption protocol. While the percentage of insecure networks is moderately low, we observed during our study that private consumers are reluctant to change the factory-set default settings of their wireless network devices, possibly exposing them to other security threats

Access control and availability aspects using wireless solutions based on IEEE 802.11 technologies, providing access to classified networks

Wireless networking is among the fastest growing trends in technology. For military objectives wireless networks are effective and flexible ways of communicating, and important elements in operating quick, accurate and independent. Over the last year’s commercial technology, based on the wireless IEEE 802.11 standard has grown to be low-cost products offering cheap and easy ways to establish rapid communication services. For all that, lacking elements of security, increased availability, weak mechanisms and capabilities in order to protect and safeguard private wireless networking, concerns costumers which require high assurance communication facilities. To comply with physical security, high-end wireless security requirements and protection mechanisms are required to fully ensure the wireless environment and control the enterprise. Wireless networks has not been considered secure enough to be implemented as part of high assurance communication systems which have access to classified information networks. This thesis considers security aspects of wireless networking related to access control and availability, which means that a wide range of security issues will be discussed. Based on availability, the thesis will focus on requirements and mechanisms related to authentication, confidentiality, integrity and authenticity. The thesis has indicated through two problem scenarios that high-end requirements signifies complexity and that security mechanisms must be implemented through adoption and adjustment of the available security protocols IEEE 802.1X and IEEE 802.11i. Still, the thesis has shown that security protocols such as IEEE 802.1X and 802.11i does not solve all security problems. Additional wireless protection systems are required to supervise and control state security in order to protect the wireless network environment. In addition, network-layer security is required to oblige end-to-end security control. The conclusion brings security in wireless network into comprehensive challenges that require fully control to analyze data and operations to consolidate the wireless environment. Considering wireless protection systems which operate as integrated parts of high assurance wireless system, the thesis has investigated mechanisms and ways to actively protect the wireless network environment. The thesis has shown that wireless monitor and honeypot networks introduce potential solutions to meet availability aspects in turns of automatic detection, protection and preventio

Empirical Techniques To Detect Rogue Wireless Devices

Media Access Control (MAC) addresses in wireless networks can be trivially spoofed using off-the-shelf devices. We proposed a solution to detect MAC address spoofing in wireless networks using a hard-to-spoof measurement that is correlated to the location of the wireless device, namely the Received Signal Strength (RSS). We developed a passive solution that does not require modification for standards or protocols. The solution was tested in a live test-bed (i.e., a Wireless Local Area Network with the aid of two air monitors acting as sensors) and achieved 99.77%, 93.16%, and 88.38% accuracy when the attacker is 8–13 m, 4–8 m, and less than 4 m away from the victim device, respectively. We implemented three previous methods on the same test-bed and found that our solution outperforms existing solutions. Our solution is based on an ensemble method known as Random Forests. We also proposed an anomaly detection solution to deal with situations where it is impossible to cover the whole intended area. The solution is totally passive and unsupervised (using unlabeled data points) to build the profile of the legitimate device. It only requires the training of one location which is the location of the legitimate device (unlike the misuse detection solution that train and simulate the existing of the attacker in every possible spot in the network diameter). The solution was tested in the same test-bed and yield about 79% overall accuracy. We build a misuseWireless Local Area Network Intrusion Detection System (WIDS) and discover some important fields in WLAN MAC-layer frame to differentiate the attackers from the legitimate devices. We tested several machine learning algorithms and found some promising ones to improve the accuracy and computation time on a public dataset. The best performing algorithms that we found are Extra Trees, Random Forests, and Bagging. We then used a majority voting technique to vote on these algorithms. Bagging classifier and our customized voting technique have good results (about 96.25 % and 96.32 %respectively) when tested on all the features. We also used a data mining technique based on Extra Trees ensemble method to find the most important features on AWID public dataset. After selecting the most 20 important features, Extra Trees and our voting technique are the best performing classifiers in term of accuracy (96.31 % and 96.32 % respectively)

Impact of Wireless Security Protocols on Data Throughput

The benefits of the IEEE 802.11 Wireless LAN standard give reasons to its gaining global traction since 1997. Frequent improvement to the rule continues to permeate the wireless communication market. In this paper, a critical analysis that underscores the enterprise requirements for wireless systems, protocols information typically investigated. The recital of both IEEE 802.11b and 802.11g via the results of data throughput experiment carried-out on campus and the simulation results from a chosen article analysed. It also discusses the feebleness in WEP as the unproductive crack of the WPA and WPA2 confirmed the security vulnerabilities of WEP. The critical decisions about designing secure wireless networks could underline the global nature of WLAN standards and design. Finally, the paper discusses the comparison of results for the scenarios