142 research outputs found
A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends
This paper examines the security vulnerabilities and threats imposed by the
inherent open nature of wireless communications and to devise efficient defense
mechanisms for improving the wireless network security. We first summarize the
security requirements of wireless networks, including their authenticity,
confidentiality, integrity and availability issues. Next, a comprehensive
overview of security attacks encountered in wireless networks is presented in
view of the network protocol architecture, where the potential security threats
are discussed at each protocol layer. We also provide a survey of the existing
security protocols and algorithms that are adopted in the existing wireless
network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term
evolution (LTE) systems. Then, we discuss the state-of-the-art in
physical-layer security, which is an emerging technique of securing the open
communications environment against eavesdropping attacks at the physical layer.
We also introduce the family of various jamming attacks and their
counter-measures, including the constant jammer, intermittent jammer, reactive
jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the
integration of physical-layer security into existing authentication and
cryptography mechanisms for further securing wireless networks. Finally, some
technical challenges which remain unresolved at the time of writing are
summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201
Developing a Systematic Process for Mobile Surveying and Analysis of WLAN security
Wireless Local Area Network (WLAN), familiarly known as Wi-Fi, is one of the most used wireless networking technologies. WLANs have rapidly grown in popularity since the release of the original IEEE 802.11 WLAN standard in 1997. We are using our beloved wireless internet connection for everything and are connecting more and more devices into our wireless networks in every form imaginable. As the number of wireless network devices keeps increasing, so does the importance of wireless network security.
During its now over twenty-year life cycle, a multitude of various security measures and protocols have been introduced into WLAN connections to keep our wireless communication secure. The most notable security measures presented in the 802.11 standard have been the encryption protocols Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). Both encryption protocols have had their share of flaws and vulnerabilities, some of them so severe that the use of WEP and the first generation of the WPA protocol have been deemed irredeemably broken and unfit to be used for WLAN encryption. Even though the aforementioned encryption protocols have been long since deemed fatally broken and insecure, research shows that both can still be found in use today.
The purpose of this Master’s Thesis is to develop a process for surveying wireless local area networks and to survey the current state of WLAN security in Finland. The goal has been to develop a WLAN surveying process that would at the same time be efficient, scalable, and easily replicable. The purpose of the survey is to determine to what extent are the deprecated encryption protocols used in Finland. Furthermore, we want to find out in what state is WLAN security currently in Finland by observing the use of other WLAN security practices. The survey process presented in this work is based on a WLAN scanning method called Wardriving. Despite its intimidating name, wardriving is simply a form of passive wireless network scanning. Passive wireless network scanning is used for collecting information about the surrounding wireless networks by listening to the messages broadcasted by wireless network devices.
To collect our research data, we conducted wardriving surveys on three separate occasions between the spring of 2019 and early spring of 2020, in a typical medium-sized Finnish city. Our survey results show that 2.2% out of the located networks used insecure encryption protocols and 9.2% of the located networks did not use any encryption protocol. While the percentage of insecure networks is moderately low, we observed during our study that private consumers are reluctant to change the factory-set default settings of their wireless network devices, possibly exposing them to other security threats
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabilities (WIFI)
The growing volume of attacks on the Internet has increased the demand for more robust systems and sophisticated tools for vulnerability analysis, intrusion detection, forensic investigations, and possible responses. Current hacker tools and technologies warrant reengineering to address cyber crime and homeland security. The being aware of the flaws on a network is necessary to secure the information infrastructure by gathering network topology, intelligence, internal/external vulnerability analysis, and penetration testing. This paper has as main objective to minimize damages and preventing the attackers from exploiting weaknesses and vulnerabilities in the 4 ways handshake (WIFI).We equally present a detail study on various attacks and some solutions to avoid or prevent such attacks in WLAN
An analyzing process on wireless protection criteria focusing on (WPA) within computer network security
Network security from a long ago approaches to cryptography and hash functions which are tremendous and due to the weakness of different vulnerabilities in the networks and obviously there is a significant need for analyzes. In this manuscript, the state-of-the-art wireless environment is focused solely on the sensor technology, in which security needs to be integrated with the Wireless Protected Access (WPA) standards. Wireless networking includes numerous points of view from wireless sensor systems, ad hoc mobile devices, Wi-Max and many more. The authentication and dynamic encryption is modified by system managers so that general communication can be anchored without any sniper effort in order to perform higher degrees of security and overall execution. The key exchange mechanism in wireless systems such as forward cases is accompanied by the sophisticated cryptography so as to anchor the whole computer state. The manuscript carries out a significant audit of test points of view using the methodologies used for the cryptography angle for protection and honesty in the wireless case, stressing Wi-Fi Secure Protected (WPA) needs
Overview of the Course in “Wireless and Mobile Security”
This paper provides an overview of “Wireless and Mobile Security” course. The course offers practical study of security issues and features concerning wireless security. The program of the course effciently interleaves systematic theoretical knowledge and practical work. The theoretical part of the course includes basic information about the architecture of wireless networks, as well as available in this area to modern standards and protection mechanisms built into the equipment for wireless networks. It is also proposed an effective method for integrating a wireless network with the existing network infrastructure, taking into account all aspects of security. More than 50 percent of teaching time is devoted to practical work on the protection of wireless networks.
During the course skills to work with software NetStumbler, Kismet, AirSnort, Aircrack, and other monitoring wireless and network tools will be acquired. Particular attention is paid to the use of the most common tools of audit wireless networks, both commercial, and open source. In conclusion, a comprehensive approach to wireless security will be offered for each wireless technology
A 2013 Study of Wireless Network Security in New Zealand: Are We There Yet?
This research examines the current level of security in wireless networks in New Zealand. A comprehensive wardrive covering the length of the country was made in January 2013 to ensure accurate comparisons from two previous wardrives as well as comparisons between the four main cities and the suburbs can be made. With 16 years since the introduction of the original IEEE 802.11 wireless standard having passed, an examination is made of the current state of wireless security of networks throughout New Zealand and the Auckland suburbs, and where possible compares these results with similar studies undertaken in 2004 and 2011. Additionally, comparisons are made with growth of numbers of access points, security standards implementations and channel selections. This study looks at whether wireless network security has reached the levels hoped for in 1999 when security was built in to the IEEE 802.11a and 802.11b standards and concludes that whilst vastly improved, there is still some way to go. Finally, some recommendations are made as to what still needs to be addressed to ensure efficient and secure communications with wireless networks
Wi-Fi Security Analysis
AbstractIn recent years, a significant increasing in development of Wireless networks is noticed; they become an entire part of the Internet and demonstrate effectiveness in handling communication for reduced public LAN and military applications. This is mainly due to their mobility and low cost solutions; nevertheless, they are also prone to several attacks related to data integrity, Deni of Service and eavesdropping. This paper discusses wireless security protocols, their limitations and weakness. We present also an overview of the FMS (Fluhrer, Mantin, Shamir), a recovery key attack and demonstrate its effectiveness in reducing the average number of intercept packets based on a well choice of IV (initialization vectors). Some comparative experiments on ciphertext-only attacks were performed in order to study the efficiency of such technique and underline encountered difficulties
Security and Authentication for 802.11 Wireless Networks
Wireless Networks is a very growing market. However, the security measures are not strong enough; the WEP security protocol is flawed. The 802.11 Task Group I is working on new security measures in order to strengthen the access control of users, the privacy and the integrity of data. We will describe the WEP flaws and the new security measures of 802.11 Task Group I. Finally, we will propose a new architecture to improve user identification for the wireless network of our department
Security technologies for wireless access to local area networks
In today’s world, computers and networks are connected to all life aspects and professions.
The amount of information, personal and organizational, spread over the network
is increasing exponentially. Simultaneously, malicious attacks are being developed at the
same speed, which makes having a secure network system a crucial factor on every level
and in any organization. Achieving a high protection level has been the goal of many
organizations, such as the Wi-Fi Alliance
R , and many standards and protocols have been
developed over time.
This work addresses the historical development of WLAN security technologies, starting
from the oldest standard, WEP, and reaching the newly released standard WPA3, passing
through the several versions in between,WPA, WPS, WPA2, and EAP. Along with WPA3,
this work addresses two newer certificates, Enhanced OpenTM and Easy ConnectTM. Furthermore,
a comparative analysis of the previous standards is also presented, detailing
their security mechanisms, flaws, attacks, and the measures they have adopted to prevent
these attacks. Focusing on the new released WPA3, this work presents a deep study
on both WPA3 and EAP-pwd. The development of WPA3 had the objective of providing
strong protection, even if the network’s password is considered weak. However, this
objective was not fully accomplished and some recent research work discovered design
flaws in this new standard.
Along with the above studies, this master thesis’ work builds also a network for penetration
testing using a set of new devices that support the new standard. A group of possible
attacks onWi-Fi latest security standards was implemented on the network, testing the response
against each of them, discussing the reason behind the success or the failure of the
attack, and providing a set of countermeasures applicable against these attacks. Obtained results show that WPA3 has overcome many of WPA2’s issues, however, it is still unable to overcome some major Wi-Fi vulnerabilities.No mundo de hoje, os computadores e as redes estão conectados praticamente a todos
os aspectos da nossa vida pessoal e profissional. A quantidade de informações, pessoais
e organizacionais, espalhadas pela rede está a aumentar exponencialmente. Simultaneamente,
também os ataques maliciosos estão a aumentar à mesma velocidade, o que faz
com que um sistema de rede seguro seja um fator crucial a todos os níveis e em qualquer
organização. Alcançar altos níveis de proteção tem sido o objetivo de trabalho de muitas
organizações, como a Wi-Fi Alliance
R , tendo muitos standards e protocolos sido desenvolvidos
ao longo do tempo.
Este trabalho aborda o desenvolvimento histórico das tecnologias de segurança para WLANs,
começando pelo standard mais antigo, WEP, e acabando no recém-chegado WPA3, passando
pelas várias versões intermedias, WPA, WPS, WPA2 e EAP. Juntamente com o
WPA3, este trabalho aborda os dois certificados mais recentes, Enhanced OpenTM e Easy
ConnectTM. Além disso, também é apresentada uma análise comparativa dos standards
anteriores, detalhando os seus principais mecanismos de segurança, falhas, ataques a que
são susceptíveis e medidas adotadas para evitar esses ataques. Quanto ao novo WPA3
e EAP-pwd, este trabalho apresenta um estudo aprofundado sobre os seus modos "Personal"
e "Enterprise". O desenvolvimento do WPA3 teve por objetivo fornecer proteção
forte, mesmo que a password de rede seja considerada fraca. No entanto, esse objetivo
não foi totalmente alcançado e alguma investigação realizada recentemente detectou falhas
de desenho nesse novo padrão.
Juntamente com os estudo dos standards acima referidos, o trabalho realizado para esta
tese de mestrado também constrói uma rede para testes de penetração usando um conjunto
de novos dispositivos que já suportam o novo standard. São aplicados vários ataques aos
mais recentes padrões de segurança Wi-Fi, é testada a sua resposta contra cada um deles,
é discutindo o motivo que justifica o sucesso ou a falha do ataque, e são indicadas
contramedidas aplicáveis a esses ataques. Os resultados obtidos mostram que o WPA3
superou muitos dos problemas do WPA2 mas que, no entanto, ainda é incapaz de superar
algumas das vulnerabilidades presentes nas redes Wi-Fi.First, I would like to express my deepest appreciation to those who gave me the possibility
to complete my study and get my Master degree, the Aga Khan Foundation, who has
supported me financiall
Static and Dynamic 4-Way Handshake Solutions to Avoid Denial of Service Attack in Wi-Fi Protected Access and IEEE 802.11i
This paper focuses on WPA and IEEE 802.11i protocols that represent two important solutions in the wireless environment. Scenarios where it is possible to produce a DoS attack and DoS flooding attacks are outlined. The last phase of the authentication process, represented by the 4-way handshake procedure, is shown to be unsafe from DoS attack. This can produce the undesired effect of memory exhaustion if a flooding DoS attack is conducted. In order to avoid DoS attack without increasing the complexity of wireless mobile devices too much and without changing through some further control fields of the frame structure of wireless security protocols, a solution is found and an extension of WPA and IEEE 802.11 is proposed. A protocol extension with three "static" variants and with a resource-aware dynamic approach is considered. The three enhancements to the standard protocols are achieved through some simple changes on the client side and they are robust against DoS and DoS flooding attack. Advantages introduced by the proposal are validated by simulation campaigns and simulation parameters such as attempted attacks, successful attacks, and CPU load, while the algorithm execution time is evaluated. Simulation results show how the three static solutions avoid memory exhaustion and present a good performance in terms of CPU load and execution time in comparison with the standard WPA and IEEE 802.11i protocols. However, if the mobile device presents different resource availability in terms of CPU and memory or if resource availability significantly changes in time, a dynamic approach that is able to switch among three different modalities could be more suitable
- …