A Survey of Positioning Techniques and Location Based Services in Wireless Networks

International audiencePositioning techniques are known in a wide variety of wireless radio access technologies. Traditionally, Global Positioning System (GPS) is the most popular outdoor positioning system. Localization also exists in mobile networks such as Global System for Mobile communications (GSM). Recently, Wireless Local Area Networks (WLAN) become widely deployed, and they are also used for localizing wireless-enabled clients. Many techniques are used to estimate client position in a wireless network. They are based on the characteristics of the received wireless signals: power, time or angle of arrival. In addition, hybrid positioning techniques make use of the collaboration between different wireless radio access technologies existing in the same geographical area. Client positioning allows the introduction of numerous services like real-time tracking, security alerts, informational services and entertainment applications. Such services are known as Location Based Services (LBS), and they are useful in both commerce and security sectors. In this paper, we explain the principles behind positioning techniques used in satellite networks, mobile networks and Wireless Local Area Networks. We also describe hybrid localization methods that exploit the coexistence of several radio access technologies in the same region, and we classify the location based services into several categories. When localization accuracy is improved, position-dependant services become more robust and efficient, and user satisfaction increases

Analisa Infrastruktur Jaringan Wireless dan Local Area Network (WLAN) Meggunakan Wireshark Serta Metode Penetration Testing Kali Linux

Computer networks and the internet play an important role for the smooth running of various fields of work. One example of information and communication technology is the Wireless Local Area Network (WLAN) or also called wireless local network technology. The method used in this research is the Penetration Testing method, with the intention of analyzing the Wireless Network computer security system in the STMIK Bina Patria Laboratory. Testing is carried out with several activities, including identifying and exploiting vulnerabilities in computer network security. In analyzing the security of the WLAN network, it is carried out using the Penetration Testing method where a form of attack on the network is simulated, one of the operating systems that has the right specifications in this regard is Kali Linux. Wireless network is a network that is widely used in institutions and public places. Even though it has a security system, wireless networks can still be attacked by attackers

QoS Provision for Wireless Sensor Networks

Wireless sensor network is a fast growing area of research, receiving attention not only within the computer science and electrical engineering communities, but also in relation to network optimization, scheduling, risk and reliability analysis within industrial and system engineering. The availability of micro-sensors and low-power wireless communications will enable the deployment of densely distributed sensor/actuator networks. And an integration of such system plays critical roles in many facets of human life ranging from intelligent assistants in hospitals to manufacturing process, to rescue agents in large scale disaster response, to sensor networks tracking environment phenomena, and others. The sensor nodes will perform significant signal processing, computation, and network self-configuration to achieve scalable, secure, robust and long-lived networks. More specifically, sensor nodes will do local processing to reduce energy costs, and key exchanges to ensure robust communications. These requirements pose interesting challenges for networking research. The most important technical challenge arises from the development of an integrated system which is 1)energy efficient because the system must be long-lived and operate without manual intervention, 2)reliable for data communication and robust to attackers because information security and system robustness are important in sensitive applications, such as military. Based on the above challenges, this dissertation provides Quality of Service (QoS) implementation and evaluation for the wireless sensor networks. It includes the following 3 modules, 1) energy-efficient routing, 2) energy-efficient coverage, 3). communication security. Energy-efficient routing combines the features of minimum energy consumption routing protocols with minimum computational cost routing protocols. Energy-efficient coverage provides on-demand sensing and measurement. Information security needs a security key exchange scheme to ensure reliable and robust communication links. QoS evaluation metrics and results are presented based on the above requirements

Modelling a multichannel security protocol to address Man in the Middle attacks

Unlike wired networks, wireless networks cannot be physically protected, mak ing them greatly at risk. This study looks into advanced ways of implementing security techniques in wireless networks. It proposes using model checking and the orem proving to prove and validate a security protocol of data transmission over multi-channel in Wireless Local Area Networks (WLANs) between two sources. This can help to reduce the risk of wireless networks being vulnerable to Man in the Middle (MitM) attacks. We model secure transmission over a two-host two-channel wireless network and consider the transmission in the presence of a MitM attack. The main goal of adding an extra channel to the main channel is to provide security by stopping MitM from getting any readable data once one of these channels has been attacked. We analyse the model for vulnerabilities and specify assertions for secure data transmission over a multi-channel WLAN. Our approach uses the model analyser Alloy which uses a Satisfiability (SAT) solver to find a model of a Boolean formula. Alloy characterizations of security models are written to analyse and verify that the implementation of a system is correct and achieves security relative to assertions about the model of our security protocol. Further, we use the Z3 theorem prover to check satisfiability using the Satisfiability Modulo Theories (SMT) solver to generate results. Using Z3 does not involve high costs and can help with providing reliable results that are accurate and practical for complex designs. We conclude that, based on the results we achieved from analysing our pro tocol using Alloy and Z3 SMT solver, the solvers complement each other in their strengths and weaknesses. The common weakness is that neither can tell us why the model is inconsistent, if it is inconsistent. We suggest that an approach of be ginning with modelling a problem using Alloy and then turning to prove it using Z3, increases overall confidence in a model

Increasing security in the physical layer of wireless communication

This paper introduces a concept of increasing securing in the Physical layer (PHY) of wireless communication. It gives a short description of current status of wireless standards and their security. Despite the existence of advanced security protocols such as IEEE 802.11i or WLAN VPNs, wireless networks still remain vulnerable to denial-of-service (DoS) attacks aiming at PHY and Data Link Layers. The new solution challenges the problems with the currently defined PHY and Data Link layers. The concept introduced here, holds a promise of descending with some of the security measures to the lower layers of the TCP/IP and in this way not only increases security but also efficiency and performance. In addition this model would reduce management overhead and security architecture complexity. The proposed solution is dealing with: encryption implemented as part of modulation techniques as well as authentication procedures partially deployed within the first two layers of Open System Interconnection (OSI) protocol stack. The introduced model attempts to solve problems related to DoS that is focused on Data Link Layer, eavesdropping and man-in-the-middle (MITM) attacks. Additionally, there are presented some ideas for future research in the area of protection from malicious activity aimed at the PHY Layer – e.g., jamming attacks, as well as other security issues such as eavesdropping prevention by use of physics laws and tunnelling as another layer of protection to ensure privacy and signal robustness. The potential deployment of this technology embraces Wireless Local Area Networks (WLANs) as well as the emerging IEEE 802.16e (mobile WiMAX) standard. In this paper there are considered and analysed practical needs, defined necessary steps and set priorities. In the final part, there are presented challenges concerning the research and there is established a background for the consecutive papers

Improved detection of Probe Request Attacks : Using Neural Networks and Genetic Algorithm

The Media Access Control (MAC) layer of the wireless protocol, Institute of Electrical and Electronics Engineers (IEEE) 802.11, is based on the exchange of request and response messages. Probe Request Flooding Attacks (PRFA) are devised based on this design flaw to reduce network performance or prevent legitimate users from accessing network resources. The vulnerability is amplified due to clear beacon, probe request and probe response frames. The research is to detect PRFA of Wireless Local Area Networks (WLAN) using a Supervised Feedforward Neural Network (NN). The NN converged outstandingly with train, valid, test sample percentages 70, 15, 15 and hidden neurons 20. The effectiveness of an Intruder Detection System depends on its prediction accuracy. This paper presents optimisation of the NN using Genetic Algorithms (GA). GAs sought to maximise the performance of the model based on Linear Regression (R) and generated R > 0.95. Novelty of this research lies in the fact that the NN accepts user and attacker training data captured separately. Hence, security administrators do not have to perform the painstaking task of manually identifying individual frames for labelling prior training. The GA provides a reliable NN model and recognises the behaviour of the NN for diverse configurations

Large-scale Wireless Local-area Network Measurement and Privacy Analysis

The edge of the Internet is increasingly becoming wireless. Understanding the wireless edge is therefore important for understanding the performance and security aspects of the Internet experience. This need is especially necessary for enterprise-wide wireless local-area networks (WLANs) as organizations increasingly depend on WLANs for mission- critical tasks. To study a live production WLAN, especially a large-scale network, is a difficult undertaking. Two fundamental difficulties involved are (1) building a scalable network measurement infrastructure to collect traces from a large-scale production WLAN, and (2) preserving user privacy while sharing these collected traces to the network research community. In this dissertation, we present our experience in designing and implementing one of the largest distributed WLAN measurement systems in the United States, the Dartmouth Internet Security Testbed (DIST), with a particular focus on our solutions to the challenges of efficiency, scalability, and security. We also present an extensive evaluation of the DIST system. To understand the severity of some potential trace-sharing risks for an enterprise-wide large-scale wireless network, we conduct privacy analysis on one kind of wireless network traces, a user-association log, collected from a large-scale WLAN. We introduce a machine-learning based approach that can extract and quantify sensitive information from a user-association log, even though it is sanitized. Finally, we present a case study that evaluates the tradeoff between utility and privacy on WLAN trace sanitization

Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network

In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.Comment: 16 pages, International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010. arXiv admin note: text overlap with arXiv:1111.1933 by other author

Data Monitoring and Analysis in Wireless Networks

Various wireless network technologies have been created to meet the ever-increasing demand for wireless access to the Internet, such as wireless local area network, cellular network, sensor network and many more. The communication devices have transformed from large computational servers to small wireless hand-held devices, ranging from laptops, tablets, smartphones to small sensors. The advances of these wireless networks (e.g., faster network speed) and their intensive usages result in an enormous growth of network data in terms of volume, diversity, and complexity. All of these changes have raised complicated issues of network measurement and management. In the first part of this thesis, I study how WiFi network characteristics impact network forensics investigation and home security monitoring. I first focus on network forensics investigation and propose a wireless forensic monitoring system to collect trace digests of WiFi activities and facilitate cybercrime investigation. Then, I design and develop a low-cost home security system based on WiFi networks for physical intruder detection. Two methods - MAC-based detection and RSSI-variance-based detection, are proposed based on the characteristics of WiFi networks. In the second part, I study how to effectively and efficiently model multiple coevolving time series, which is ubiquitous in network measurement especially in wireless sensor networks. Two comprehensive algorithms are proposed to address three prominent challenges of mining coevolving sensor measured traces: (a) high order; (b) contextual constraints; and (c) temporal smoothness

Quarantine region scheme to mitigate spam attacks in wireless sensor networks

The Quarantine Region Scheme (QRS) is introduced to defend against spam attacks in wireless sensor networks where malicious antinodes frequently generate dummy spam messages to be relayed toward the sink. The aim of the attacker is the exhaustion of the sensor node batteries and the extra delay caused by processing the spam messages. Network-wide message authentication may solve this problem with a cost of cryptographic operations to be performed over all messages. QRS is designed to reduce this cost by applying authentication only whenever and wherever necessary. In QRS, the nodes that detect a nearby spam attack assume themselves to be in a quarantine region. This detection is performed by intermittent authentication checks. Once quarantined, a node continuously applies authentication measures until the spam attack ceases. In the QRS scheme, there is a tradeoff between the resilience against spam attacks and the number of authentications. Our experiments show that, in the worst-case scenario that we considered, a not quarantined node catches 80 percent of the spam messages by authenticating only 50 percent of all messages that it processe