23 research outputs found

    Review on wireless security protocols (WPA2 & WPA3)

    Wireless technologies, by virtue of supporting essential life activities and enabling communication, have become one of the key components of every individual and organization's life. Wi-Fi has many security protocols. Despite multiple Wi-Fi security standards, hackers use Wi-Fi cracking tools to abuse wireless communications. This paper will mostly focus on the WPA2 protocol, which is largely in use nowadays, and its vulnerabilities. In addition, it will discuss some key features of the WPA3 protocol.

    Performance analysis of wireless intrusion detection systems

    Wireless intrusion detection system (WIDS) has become a matter of increasing concern in recent years as a crucial element in wireless network security. WIDS monitors 802.11 traffic to identify the intrusive activities, and then alerts the complementary prevention part to combat the attacks. Selecting a reliable WIDS system necessitates inevitably taking into account a credible evaluation of WIDSs performance. WIDS effectiveness is considered the basic factor in evaluating the WIDS performance, thus it receives great attention in this thesis. Most previous experimental evaluations of intrusion detection systems (IDSs) were concerned with the wired IDSs, with an apparent lack of evaluating the wireless IDSs (WIDSs). In this thesis, we try to manipulate three main critiques of most previous evaluations: lack of comprehensive evaluation methodology, holistic attack classification, and expressive evaluation metrics. In this thesis, we introduce a comprehensive evaluation methodology that covers all the essential dimensions for a credible evaluation of WIDSs performance. The main pivotal dimensions in our methodology are characterizing and generating the evaluation dataset, defining reliable and expressive evaluation metrics, and overcoming the evaluation limitations. Basically, evaluation dataset consists of two main parts: normal traffic (as a background) and malicious traffic. The background traffic, which comprises normal and benign activities in the absence of attacks, was generated in our experimental evaluation tests as real controlled traffic. The second and important part of the dataset is the malicious traffic which is composed of intrusive activities. Comprehensive and credible evaluation of WIDSs necessitates taking into account all possible attacks. While this is operationally impossible, it is necessary to select representative attack test cases that are extracted mainly from a comprehensive classification of wireless attacks.
Dealing with this challenge, we have developed a holistic taxonomy of wireless security attacks from the perspective of the WIDS evaluator. The second pivotal dimension in our methodology is defining reliable evaluation metrics. We introduce a new evaluation metric EID (intrusion detection effectiveness) that manipulates the drawbacks of the previously proposed metrics, especially the common drawback of their main notion that leads to measuring a relative effectiveness. The notion of our developed metric EID helps in measuring the actual effectiveness. We also introduce another metric RR (attack recognition rate) to evaluate the ability of WIDS to recognize the attack type. The third important dimension in our methodology is overcoming the evaluation limitations. The great challenge that we have faced in the experimental evaluation of WIDSs is the uncontrolled traffic over the open wireless medium. This uncontrolled traffic affects the accuracy of the measurements. We overcame this problem by constructing an RF shielded testbed to take all the measurements under our control without any interference from any adjacent stations. Finally, we followed our methodology and conducted experimental evaluation tests of two popular WIDSs (Kismet and AirSnare), and demonstrated the utility of our proposed solutions.

    Performance analysis of wireless intrusion detection systems

    Wireless network security has received considerable attention in recent years. However, wireless communications face several types of threats and attacks. Consequently, significant efforts aimed at further securing wireless networks have had to be made in order to counter wireless attacks. Yet believing that complete prevention of attacks can be achieved at a system's first line of defense (firewalls, encryption, …) is unfortunately only an illusion. The emphasis is therefore increasingly placed on detecting wireless attacks through a second line of defense, embodied by wireless intrusion detection systems (WIDS). WIDSs inspect wireless traffic conforming to the 802.11 standard, as well as system activities, in order to detect malicious activities. An alert is then sent to the components responsible for prevention to counter the attack. Selecting a reliable WIDS depends mainly on a meticulous evaluation of its performance. WIDS effectiveness is considered the fundamental factor when evaluating its performance, so we give it great attention in this thesis work. Most experimental studies evaluating intrusion detection systems (IDS) were concerned with wired IDSs, reflecting a clear lack of evaluation of wireless IDSs (WIDS). In this thesis, we focused on three main critiques of most previous evaluations: the lack of a comprehensive evaluation methodology, of attack classification, and of reliable evaluation metrics. In this thesis, we succeeded in developing a complete evaluation methodology covering all the dimensions necessary for a credible evaluation of WIDS performance. The main axes of our methodology are characterizing and generating the evaluation data, and defining reliable evaluation metrics while avoiding the limitations of the evaluation. Fundamentally, the evaluation data consist of two main components: normal traffic and malicious traffic. The normal traffic that we generated during our evaluation tests was real traffic that we controlled.
The second component of the data, which happens to be the most important, is the malicious traffic consisting of intrusive activities. A complete and credible evaluation of WIDSs requires taking into account all possible attack scenarios and types. Since this is impossible to achieve, it is necessary to select certain representative attack cases, mainly extracted from a complete classification of wireless attacks. To meet this challenge, we developed a comprehensive taxonomy of attacks on wireless network security from the point of view of the WIDS evaluator. The second axis of our methodology is defining reliable evaluation metrics. We introduced a new evaluation metric, EID (intrusion detection effectiveness), aimed at overcoming the limitations of the previously proposed metrics. We demonstrated the utility of the EID metric compared with the other previously proposed metrics and how it manages to measure actual effectiveness whereas the previous metrics measured only a relative effectiveness. EID can equally be used to evaluate the effectiveness of wired and wireless IDSs. We also introduced another metric, denoted RR (recognition rate), to measure the attack recognition attribute. A significant problem arises when WIDS evaluation tests are conducted, namely uncontrolled traffic over the open transmission medium. This uncontrolled traffic seriously affects the relevance of the measurements. To overcome this problem, we built an RF shielded testbed, which allowed us to take clean measurements without any interference from any source of uncontrolled traffic.
Finally, we applied our methodology and carried out experimental evaluations of two popular WIDSs (Kismet and AirSnare); following these practical evaluations, we demonstrated the utility of our proposed solutions.

    Wireless Security Protocol in DNA Bio-Inspired Network

    The 21st century communications have evolved rapidly and spread all over the world using the Wi-Fi network which has provided benefits of connection which become more desirable for users to connect to the internet. These benefits are driving the world to major internet security issues that links to harm their own sensitive data and it resulting for generates encouragement for attackers to drill the legitimate user's Wi-Fi connection to access to where they want to organize and eavesdropping the data passed to hack them through and revealing it to check whether it is useful for them, hence exploiting packets travelling through the user's Wi-Fi and using of the powerful of super sniffer techniques by the hackers to break in to such as malware and sniffing software that allows them to crack on the Wi-Fi to steal the data of the user who uses the eavesdropper Wi-Fi without their knowledge, these sniffers open to the hackers access to the user's data like bank details and other data, it could be using their details for a crime such as find their identity which make the world more concerns about their personal information and they are looking for the latest security protocols to protect their Wi-Fi network. Wi-Fi security introduces a number of vulnerabilities that give hackers an opportunity to cause harm to the Wi-Fi users by stealing information, accessing the Wi-Fi network to compromise the Wi-Fi network as a way to access the enterprise network which is used by some security protocols. This would allow a hacker to use sniffers to access the Wi-Fi enterprise network which is used in coffee shops across the world and other trading premises by probing the SSID of their Wi-Fi. Nearby the hackers would be able to crack the security protocols such as WPA or WPA2 which are the latest protocol that users use for their Wi-Fi security keys.
In our research we have taken different security methods to secure the Wi-Fi network using the bio-inspired DNA is the idea came from the Deoxyribonucleic Acid DNA because that DNA have several important features including the random nature of the sequences denoted by alphabet characters A, C, G and T to perform encoded unique DNA sequences that is transmitting the secrets and the DNA encryption comes from the biology of the DNA science of the human and animals. Our research has achieved basic steps which encrypt the user's static data to DNA sequence to use it for a security access key this work is functioning successfully to DNA bases and experimentation prove in the implementation at chapter 5, and we used the symmetric cryptographic keys in DNA sequence encryption to be similar at both parties with the admin (Wi-Fi) and clients and this is the basic step for this project and it needs to implement the dynamic DNA to make the keys more secure for each user and we have explained how we can match and mismatch these encrypted data and how they need to updated automatically to new security keys with the dynamic DNA sequence in future work [1]. The achievements of our research are proposed to convert user data to a DNA security sequence to use it in the same way as the existing security protocols such as WPA2 but in DNA format with the dynamic key and static user data will keep the security key robust during the automatic updates, hence the static data and dynamic data can be updated automatically when adding the dynamic data to the project in future work for the user access key and this can be suitable for multi-users to form an autonomous Wi-Fi connection and DNA security key to mitigating some flaws of that existing security protocols techniques has such as sharing the same security key on the same Wi-Fi network users.

    State of the Art in Lightweight Symmetric Cryptography

    Lightweight cryptography has been one of the "hot topics" in symmetric cryptography in the recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products. In this paper, we discuss the different implementation constraints that a "lightweight" algorithm is usually designed to satisfy. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies and proprietary algorithms which were reverse-engineered or leaked. Relevant national (NIST...) and international (ISO/IEC...) standards are listed. We then discuss some trends we identified in the design of lightweight algorithms, namely the designers' preference for ARX-based and bitsliced-S-Box-based designs and simple key schedules. Finally, we argue that lightweight cryptography is too large a field and that it should be split into two related but distinct areas: ultra-lightweight and IoT cryptography. The former deals only with the smallest of devices for which a lower security level may be justified by the very harsh design constraints. The latter corresponds to low-power embedded processors for which the AES and modern hash function are costly but which have to provide a high level security due to their greater connectivity.

    State of the Art in Lightweight Symmetric Cryptography

    Lightweight cryptography has been one of the hot topics in symmetric cryptography in the recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products. In this paper, we discuss the different implementation constraints that a lightweight algorithm is usually designed to satisfy in both the software and the hardware case. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies and proprietary algorithms which were reverse-engineered or leaked. Relevant national (NIST...) and international (ISO/IEC...) standards are listed. We identified several trends in the design of lightweight algorithms, such as the designers' preference for ARX-based and bitsliced-S-Box-based designs or simpler key schedules. We also discuss more general trade-offs facing the authors of such algorithms and suggest a clearer distinction between two subsets of lightweight cryptography. The first, ultra-lightweight cryptography, deals with primitives fulfilling a unique purpose while satisfying specific and narrow constraints. The second is ubiquitous cryptography and it encompasses more versatile algorithms both in terms of functionality and in terms of implementation trade-offs.

    Security protocols suite for machine-to-machine systems

    Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today's concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers' and the services providers' data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system.
With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide an accurate analysis of privacy solutions that actually fit M2M-networks services' requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks.

    A framework for secure mobile computing in healthcare

    Mobile computing is rapidly becoming part of healthcare's electronic landscape, helping to provide better quality of care and reduced cost. While the technology provides numerous advantages to the healthcare industry, it is not without risk. The size and portable nature of mobile computing devices present a highly vulnerable environment, which threaten the privacy and security of health information. Since these devices continually access possibly sensitive healthcare information, it is imperative that these devices are considered for security in order to meet regulatory compliance. In fact, the increase in government and industry regulation to ensure the privacy and security of health information, makes mobile security no longer just desirable, but mandatory. In addition, as healthcare becomes more aware of the need to reinforce patient confidence to gain competitive advantage, it makes mobile security desirable. Several guidelines regarding security best practices exist. Healthcare institutions are thus faced with matching the guidelines offered by best practices, with the legal and regulatory requirements. While this is a valuable question in general, this research focuses on the aspect of considering this question when considering the introduction of mobile computing into the healthcare environment. As a result, this research proposes a framework that will aid IT administrators in healthcare to ensure that privacy and security of health information is extended to mobile devices. The research uses a comparison between the best practices in ISO 17799:2005 and the regulatory requirements stipulated in HIPAA to provide a baseline for the mobile computing security model. The comparison ensures that the model meets healthcare specific industry requirement and international information security standard. In addition, the framework engages the Information Security Management System (ISMS) model based on the ISO 27000 standard.
The framework, furthermore, points to existing technical security measures associated with mobile computing. It is believed that the framework can assist in achieving mobile computing security that is compliant with the requirements in the healthcare industry.
