Traffic characteristics mechanism for detecting rogue access point in local area network

Rogue Access Point (RAP) is a network vulnerability involving illicit usage of wireless access point in a network environment. The existence of RAP can be identified using network traffic inspection. The purpose of this thesis is to present a study on the use of local area network (LAN) traffic characterisation for typifying wired and wireless network traffic through examination of packet exchange between sender and receiver by using inbound packet capturing with time stamping to indicate the existence of a RAP. The research is based on the analysis of synchronisation response (SYN/ACK), close connection respond (FIN/ACK), push respond (PSH/ACK), and data send (PAYLOAD) of the provider’s flags which are paired with their respective receiver acknowledgment (ACK). The timestamp of each pair is grouped using the Equal Group technique, which produced group means. These means were then categorised into three zones to form zone means. Subsequently, the zone means were used to generate a global mean that served as a threshold value for identifying RAP. A network testbed was developed from which real network traffic was captured and analysed. A mechanism to typify wired and wireless LAN traffic using the analysis of the global mean used in the RAP detection process has been proposed. The research calculated RAP detection threshold value of 0.002 ms for the wired IEEE 802.3 LAN, while wireless IEEE 802.11g is 0.014 ms and IEEE 802.11n is 0.033 ms respectively. This study has contributed a new mechanism for detecting a RAP through traffic characterisation by examining packet communication in the LAN environment. The detection of RAP is crucial in the effort to reduce vulnerability and to ensure integrity of data exchange in LA

Perancangan Sistem Pengamanan Data Video CCTV ATM (Anjungan Tunai Mandiri) Secara Diskrit dan Terdistibusi Menggunakan WLAN dan Sistem NAS

Pada jurnal ini dirancang suatu sistem pengamanan data video CCTV (Closed Circuit Television)  pada mesin ATM (Anjungan Tunai Mandiri) secara diskrit dan terdistribusi. Sistem ini dimaksudkan untuk mengamankan data video CCTV yang merekam jejak pelaku sebelum terjadi vandalisme terhadap perangkat CCTV, dimana data video disimpan pada perangkat yang tersembunyi di sekitar lokasi mesin ATM. Sistem terdiri dari perekam data dan pengirim data video kamera CCTV ke Server sistem NAS (Network Attached Storage) yang diimplementasikan menggunakan Raspberry Pi. Sistem transmisi data yang dipergunakan adalah jaringan WLAN (Wireless LAN). Sistem yang dirancang diuji secara fungsional berjalan sesuai perancangan dari hasil pengujian pengiriman data, server NAS dengan kamera dan pengirim datanya direkomendasikan ditempatkan dengan jarak antara 1m hingga 7m

IPv6 – Integração, Transição e Segurança

Ao longo dos anos a Internet tornou-se uma ferramenta fundamental para a sociedade e, nos dias de hoje, é praticamente inevitável não usufruir de algumas facilidades proporcionadas pela rede mundial. Devido à sua massificação nos últimos anos, os endereços de IP disponíveis esgotaram-se, pelo que tornou-se necessário a elaboração de uma nova versão do protocolo comunicação, utilizado para suportar todas as comunicações na Internet, o Internet Protocol, versão 6 (IPv6). Apesar da ampla utilização da Internet, a maioria dos seus utilizadores está completamente alheia às questões de segurança, estando por isso exposta a uma diversidade de perigos. O aumento da segurança é também uma das principais missões do IPv6, tendo-se introduzido alguns mecanismos de segurança relevantes. Este trabalho tem como objetivo estudar o IPv6, focando-se especialmente em questões relacionadas com os mecanismos de transição do IPv4 para IPv6 e em aspetos de segurança. Proporcionando uma abordagem teórica ao protocolo e aos conceitos de segurança, este documento apresenta também uma perspetiva mais técnica da implementação do IPv6, pretendendo ser um manual de apoio aos responsáveis pela implementação da versão 6 do IP. Os três métodos de transição, que permitem a atualização do IPv4 para IPv6, são analisados de forma a apoiar a equipa na tomada de decisão sobre qual (ou quais) os métodos de transição a utilizar. Uma parte substancial do trabalho foi dedicada à seleção e estudo de vulnerabilidades que se encontram presentes no IPv6, a forma como são exploradas por parte do atacante, a forma como podem ser classificadas e os processos que diminuem o risco de exposição a essas mesmas vulnerabilidades. Um conjunto de boas práticas na administração da segurança de redes é também apresentada, para melhorar a garantia de que problemas conhecidos não possam ser explorados por utilizadores mal intencionados.The Internet is a quite important tool, and nowadays it is almost impossible to go about our ordinary lives without using some of its functionalities. However, due to its widespread use, the available IP addresses are becoming scarce. This fact triggered the design of a new version of the Internet Protocol (IP), named IPv6. Despite the Internet’s pervasiveness, most of its users remain unaware of its security issues, becoming exposed to an array of dangers. Importantly, one of IPv6’s objectives is to address these by including a set of important security features. The objective of this dissertation is to explore the transition from the IPv4 to IPv6 and to address relevant security aspects related to the implementation of IPv6. We carry out a theoretical overview of the IPv6 protocol concerning its implementation and security related aspects, providing a reference guide aimed at network administrators. In this line, we also analyze the three IPv4 to IPv6 transition methods, to support the networks administrator’s decision and ease the transition process. Focusing on network security, we built a catalogue of known vulnerabilities of IPv6, present information about how they can be explored, look into solutions to mitigate them, along with the proposal of several good security practices

Security Vulnerabilities And Risks In Industrial Usage Of Wireless Communication

Due to its availability and low cost, the use of wireless communication technologies increases in domains beyond the originally intended usage areas, e.g. M2M communication in industrial applications. Such industrial applications often have specific security requirements. Hence, it is important to understand the characteristics of such applications and evaluate the vulnerabilities bearing the highest risk in this context. We present a comprehensive overview of security issues and features in existing WLAN, NFC and ZigBee standards, investigating the usage characteristics of these standards in industrial environments. We apply standard risk assessment methods to identify vulnerabilities with the highest risk across multiple technologies. We present a threat catalogue, conclude in which direction new mitigation methods should progress and how security analysis methods should be extended to meet requirements in the M2M domain.Informationstechnologie und Informationsmanagemen