163 research outputs found
Wireless Intrusion Prevention Systems
The wireless networks have changed the way organizations work and offered a new range of possibilities, but at the same time they introduced new security threats. While an attacker needs physical access to a wired network in order to launch an attack, a wireless network allows anyone within its range to passively monitor the traffic or even start an attack. One of the countermeasures can be the use of Wireless Intrusion Prevention Systems.Network security, IDS, IPS, wireless intrusion detection, wireless intrusion prevention.
A Review Paper on Security of Wireless Network
In the past few years, wireless networks, specifically those based on the IEEE 802.11 Standard, have experienced tremendous growth. A team at Rice University recovered the 802.11 Wired Equivalent Privacy 128-bit security key which is used by an active network. This Standard has increased the interest and attention of many researchers in recent years. The IEEE 802.11 is a family of standards, which defines and specifies the parts of the standard. This paper explains the survey on the latest development in how to secure an 802.11 wireless network by understanding its security protocols and mechanism. In order to fix security loopholes a public key authentication and key-establishment procedure has been proposed which fixes security loopholes in current standard. The public key cryptosystem is used to establish a session key securely between the client and Access point. Knowing how these mechanism and protocols works, including its weakness and vulnerabilities can be very helpful for planning, designing, implementing and/or hardening a much secure wireless network, effectively minimizing the impact of an attack. The methods used in current research are especially emphasized to analysis the technique of securing 802.11 standards. Finally, in this paper we pointed out some possible future directions of research
IEEE 802.11 i Security and Vulnerabilities
Despite using a variety of comprehensive preventive security measures, the Robust Secure Networks (RSNs) remain vulnerable to a number of attacks. Failure of preventive measures to address all RSN vulnerabilities dictates the need for enhancing the performance of Wireless Intrusion Detection Systems (WIDSs) to detect all attacks on RSNs with less false positive and false negative rates
WISP: a wireless information security portal
M.Sc.Wireless networking is a fairly new technology that is important in information technology (IT). Hotels, Airports, Coffee shops, and homes are all installing wireless networks at a record pace, making wireless networks the best choice for consumers. This popularity of wireless networks is because of the affordability of wireless networks devices, and the easy installation [11]. In spite of the popularity of the wireless networks, one factor that has prevented them from being even more widespread can be summed up in a single word: security. It comes as no surprise that these two – wireless and security – converge to create one of the most important topics in the IT industry today [11]. Wireless networks by nature bring about new challenges unique to its environment. One example of these new challenges is: “Signal overflow beyond physical walls”, and with these kinds of new challenges unique to wireless networks, we have new security risks. Hence wireless networks lend themselves to a host of attack possibilities and risks. That is because wireless networks provide a convenient network access point for an attacker, potentially beyond the physical security controls of the organization [7]. Therefore it is challenging for managers to introduce wireless networks and properly manage the security of wireless networks, Security problems of wireless networks are the main reason for wireless networks not being rolled out optimally [1]. In this dissertation, we aim to present to both specialist and non–specialists in the IT industry the information needed to protect a wireless network. We will first identify and discuss the different security requirements of wireless networks. After that we shall examine the technology that helps make wireless networks secure, and describe the type of attacks against wireless networks and defense techniques to secure wireless networks. The research will concentrate on wireless LANs (Local Area Networks), and leading wireless LAN protocols and standards. The result of the research will be used to create WISP (A Wireless Information Security Portal). WISP will be a tool to support the management of a secure wireless network, and help assure the confidentiality, integrity, and availability of the information systems in a wireless network environment
Token-based Fast Authentication for Wireless Network
Wireless Networks based on WIFI or WIMAX become popular and are used in many places as compliment network to wired LAN to support mobility. The support of mobility of clients, the continuous access anywhere and anytime make WLAN preferable network for many applications. However, there are some issues associated with the usage of WLAN that put some restriction on adapting this technology everywhere. These issues are related to using the best routing algorithm to achieve good performance of throughput and delay, and to securing the open access to avoid attacks at the physical and MAC layer. IEEE 802.1x, suggested a solution to address the security issue at the MAC layer and but there are varieties of implementations address this solution and they differ in performance. IEEE 802.1af tried to address other security issue remained at the MAC layer but it is still at early stage and need verification for easy deployment. In this paper a new technique for securing wireless network using fast token-based authentication has been invented to address the vulnerability inherited by the wireless network at the MAC layer using fast authentication process. This technique is based on an authentication server distributing a security token, public authentication key, and network access key parameter to eligible mobile client MCs during registration. All messages will be encrypted during registration using temporary derived token key, but it will use derived valid token key during authentication. Authenticated MCs will then use derived group temporal key generated from the network access parameter key to encrypt all messages exchanged over the wireless network. The token, the authentication key and the access network parameter key will be only distributed during registration. This makes the security parameters known only to authentication server, authenticator and MC. Hence, this technique will protect the wireless network against attack since attackers are unable to know the token and other security keys. Moreover, it will avoid the exchange of public keys during authentication such as the one used in other existing technologies, and consequently speedup the authentication phase which is very critical to wireless technologies
Wireless Handheld Solution for the Gaming Industry
of the essential elements of success in the gaming industry is the requirement of providing exceptional customer service. Technology plays a significant role in bringing state of the art solutions that enhance the overall customer experience. Currently a guest must go through multiple steps and a variety of departments to simply resolve issues with their player accounts (loyalty programs), update customer profiles, book hotel and restaurant reservations, sign up for promotions, etc. In order to effectively take care of these customers in both a timely and efficient manner, a wireless handheld device is needed that employees can carry with them to resolve and address these concerns. This project is aimed at identifying the proper wireless infrastructure for the gaming environment and also the wireless handheld device, such as an Ultra Mobile PC (UMPC) to effectively and efficiently take care of customers
Security technologies for wireless access to local area networks
In today’s world, computers and networks are connected to all life aspects and professions.
The amount of information, personal and organizational, spread over the network
is increasing exponentially. Simultaneously, malicious attacks are being developed at the
same speed, which makes having a secure network system a crucial factor on every level
and in any organization. Achieving a high protection level has been the goal of many
organizations, such as the Wi-Fi Alliance
R , and many standards and protocols have been
developed over time.
This work addresses the historical development of WLAN security technologies, starting
from the oldest standard, WEP, and reaching the newly released standard WPA3, passing
through the several versions in between,WPA, WPS, WPA2, and EAP. Along with WPA3,
this work addresses two newer certificates, Enhanced OpenTM and Easy ConnectTM. Furthermore,
a comparative analysis of the previous standards is also presented, detailing
their security mechanisms, flaws, attacks, and the measures they have adopted to prevent
these attacks. Focusing on the new released WPA3, this work presents a deep study
on both WPA3 and EAP-pwd. The development of WPA3 had the objective of providing
strong protection, even if the network’s password is considered weak. However, this
objective was not fully accomplished and some recent research work discovered design
flaws in this new standard.
Along with the above studies, this master thesis’ work builds also a network for penetration
testing using a set of new devices that support the new standard. A group of possible
attacks onWi-Fi latest security standards was implemented on the network, testing the response
against each of them, discussing the reason behind the success or the failure of the
attack, and providing a set of countermeasures applicable against these attacks. Obtained results show that WPA3 has overcome many of WPA2’s issues, however, it is still unable to overcome some major Wi-Fi vulnerabilities.No mundo de hoje, os computadores e as redes estão conectados praticamente a todos
os aspectos da nossa vida pessoal e profissional. A quantidade de informações, pessoais
e organizacionais, espalhadas pela rede está a aumentar exponencialmente. Simultaneamente,
também os ataques maliciosos estão a aumentar à mesma velocidade, o que faz
com que um sistema de rede seguro seja um fator crucial a todos os níveis e em qualquer
organização. Alcançar altos níveis de proteção tem sido o objetivo de trabalho de muitas
organizações, como a Wi-Fi Alliance
R , tendo muitos standards e protocolos sido desenvolvidos
ao longo do tempo.
Este trabalho aborda o desenvolvimento histórico das tecnologias de segurança para WLANs,
começando pelo standard mais antigo, WEP, e acabando no recém-chegado WPA3, passando
pelas várias versões intermedias, WPA, WPS, WPA2 e EAP. Juntamente com o
WPA3, este trabalho aborda os dois certificados mais recentes, Enhanced OpenTM e Easy
ConnectTM. Além disso, também é apresentada uma análise comparativa dos standards
anteriores, detalhando os seus principais mecanismos de segurança, falhas, ataques a que
são susceptíveis e medidas adotadas para evitar esses ataques. Quanto ao novo WPA3
e EAP-pwd, este trabalho apresenta um estudo aprofundado sobre os seus modos "Personal"
e "Enterprise". O desenvolvimento do WPA3 teve por objetivo fornecer proteção
forte, mesmo que a password de rede seja considerada fraca. No entanto, esse objetivo
não foi totalmente alcançado e alguma investigação realizada recentemente detectou falhas
de desenho nesse novo padrão.
Juntamente com os estudo dos standards acima referidos, o trabalho realizado para esta
tese de mestrado também constrói uma rede para testes de penetração usando um conjunto
de novos dispositivos que já suportam o novo standard. São aplicados vários ataques aos
mais recentes padrões de segurança Wi-Fi, é testada a sua resposta contra cada um deles,
é discutindo o motivo que justifica o sucesso ou a falha do ataque, e são indicadas
contramedidas aplicáveis a esses ataques. Os resultados obtidos mostram que o WPA3
superou muitos dos problemas do WPA2 mas que, no entanto, ainda é incapaz de superar
algumas das vulnerabilidades presentes nas redes Wi-Fi.First, I would like to express my deepest appreciation to those who gave me the possibility
to complete my study and get my Master degree, the Aga Khan Foundation, who has
supported me financiall
A New MAC Address Spoofing Detection Technique Based on Random Forests
Media access control (MAC) addresses in wireless networks can be trivially spoofed using off-the-shelf devices. The aim of this research is to detect MAC address spoofing in wireless networks using a hard-to-spoof measurement that is correlated to the location of the wireless device, namely the received signal strength (RSS). We developed a passive solution that does not require modification for standards or protocols. The solution was tested in a live test-bed (i.e., a wireless local area network with the aid of two air monitors acting as sensors) and achieved 99.77%, 93.16% and 88.38% accuracy when the attacker is 8–13 m, 4–8 m and less than 4 m away from the victim device, respectively. We implemented three previous methods on the same test-bed and found that our solution outperforms existing solutions. Our solution is based on an ensemble method known as random forests.https://doi.org/10.3390/s1603028
- …