Wi-Fi Security Analysis

AbstractIn recent years, a significant increasing in development of Wireless networks is noticed; they become an entire part of the Internet and demonstrate effectiveness in handling communication for reduced public LAN and military applications. This is mainly due to their mobility and low cost solutions; nevertheless, they are also prone to several attacks related to data integrity, Deni of Service and eavesdropping. This paper discusses wireless security protocols, their limitations and weakness. We present also an overview of the FMS (Fluhrer, Mantin, Shamir), a recovery key attack and demonstrate its effectiveness in reducing the average number of intercept packets based on a well choice of IV (initialization vectors). Some comparative experiments on ciphertext-only attacks were performed in order to study the efficiency of such technique and underline encountered difficulties

A practical attack on the fixed RC4 in the wep mode

Abstract. In this paper we revisit a known but ignored weakness of the RC4 keystream generator, where secret state info leaks to the generated keystream, and show that this leakage, also known as Jenkins’ correlation or the RC4 glimpse, can be used to attack RC4 in several modes. Our main result is a practical key recovery attack on RC4 when an IV modifier is concatenated to the beginning of a secret root key to generate a session key. As opposed to the WEP attack from [FMS01] the new attack is applicable even in the case where the first 256 bytes of the keystream are thrown and its complexity grows only linearly with the length of the key. In an exemplifying parameter setting the attack recoversa16-bytekeyin2 48 steps using 2 17 short keystreams generated from different chosen IVs. A second attacked mode is when the IV succeeds the secret root key. We mount a key recovery attack that recovers the secret root key by analyzing a single word from 2 22 keystreams generated from different IVs, improving the attack from [FMS01] on this mode. A third result is an attack on RC4 that is applicable when the attacker can inject faults to the execution of RC4. The attacker derives the internal state and the secret key by analyzing 2 14 faulted keystreams generated from this key

A Study of Wireless Network Security

I intend to make a survey in wireless data security since wireless networks are very common, both for organizations and individuals. Many laptop computers have wireless cards pre-installed. The ability to enter a wireless network has great benefits. However, wireless networking has many security issues. Hackers have found wireless networks relatively easy to break into, and even use wireless technology to crack into wired network. As a result, it\u27s very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. My survey research may involve these following aspects: wireless network architecture, data security in wireless networks, secure data storage in wireless networks and so forth

Linux Access Point and IPSec Bridge

[[abstract]]The main idea of this paper is to present an upper-layer security solution to solve security problems of the wireless network. The IEEE 802.11 standard defines the Wired Equivalent Privacy (WEP) Protocol. The goal of WEP is to provide data privacy to the wireless network. It is generally believed that the current wireless access points have a big security problem with WEP protocol. To solve this problem, a combination of Linux-based access point and IPSec bridge has been brought up to secure the wireless network.[[notice]]補正完畢[[journaltype]]國

A 2013 Study of Wireless Network Security in New Zealand: Are We There Yet?

This research examines the current level of security in wireless networks in New Zealand. A comprehensive wardrive covering the length of the country was made in January 2013 to ensure accurate comparisons from two previous wardrives as well as comparisons between the four main cities and the suburbs can be made. With 16 years since the introduction of the original IEEE 802.11 wireless standard having passed, an examination is made of the current state of wireless security of networks throughout New Zealand and the Auckland suburbs, and where possible compares these results with similar studies undertaken in 2004 and 2011. Additionally, comparisons are made with growth of numbers of access points, security standards implementations and channel selections. This study looks at whether wireless network security has reached the levels hoped for in 1999 when security was built in to the IEEE 802.11a and 802.11b standards and concludes that whilst vastly improved, there is still some way to go. Finally, some recommendations are made as to what still needs to be addressed to ensure efficient and secure communications with wireless networks

Mobile commerce (mCommerce) security. An appraisal of current issues and trends

Millions of data capable mobile devices are currently in use around the world enabled by the growing acceptance of Internet over wireless networks. However, security mechanisms still remain nascent. Security plays a crucial role in facilitating the level of trust users place on mobile devices and applications. To effectively diffuse the mobile devices in the marketplace, sufficient levels of trust has to be established in the underlying security of mobile devices and applications. This paper is an appraisal of recent issues and emerging trends regarding mobile security, within the context of conducting mobile commerce via mobile networks by individual consumers and businesses.<br /

A longitudinal study of wi-fi access point security inthe Perth central business district

This study collected data in 2008 and 2011 in relation to the level of apparent security of wireless network access points in the Perth CBD. It also compared this data to a comparable study conducted in 2004. The aim was to determine whether businesses were using an appropriate level of encryption to protect their wireless networks. A pre-determined route was followed which traced the Perth CBD and the open source wireless network auditing tool Kismet was used to survey the wireless networks. In 2008, approximately 1300 access points were discovered in the Perth CBD, this number climbing to approximately 3400 in 2011. Of the 1400 discovered in 2008, approximately 30% were open, with 15% using WEP security, with these values falling to 8 and 4% respectively in 2011. In conclusion, the number of APs using WEP appears to have fallen in total and as a percentage of the total number of networks. The number of APs still using WEP and WPA TKIP is concerning, as the technology underlying these security methods is flawed and open to compromise. No significant finding can be drawn in relation to the open access points, due to not knowing whether a VPN or other upstream authentication mechanism was employed

The challeges in implementing security in spontaneous ad hoc networks

Mobile Ad Hoc Networks (MANETS) promise much in the ability to rapidly deploy a wireless network in a fashion where no prior planning is needed and the network can be running efficiently and with high security within minutes. Natural disaster response, military, education and business provide areas where MANETS can offer significant advantages in communication where infrastructure networks may take days to set up or may be impossible to implement. This research reviews a selection of MANET protocols to show the progression of the research and the issues that are yet to be addressed. It discusses the challenges to researchers in improving ad hoc schemes to the point where they work in theory and in practice. Areas are highlighted that pose the most significant challenges to developing new security protocols and some food-for-thought is given for those who wish to contribute to this growing area of importance for wireless communication

A longitudinal study of Wi-Fi access point security in the Perth central business district

This study collected data in 2008 and 2011 in relation to the level of apparent security of wireless network access points in the Perth CBD. It also compared this data to a comparable study conducted in 2004. The aim was to determine whether businesses were using an appropriate level of encryption to protect their wireless networks. A pre-determined route was followed which traced the Perth CBD and the open source wireless network auditing tool Kismet was used to survey the wireless networks. In 2008, approximately 1300 access points were discovered in the Perth CBD, this number climbing to approximately 3400 in 2011. Of the 1400 discovered in 2008, approximately 30% were open, with 15% using WEP security, with these values falling to 8 and 4% respectively in 2011. In conclusion, the number of APs using WEP appears to have fallen in total and as a percentage of the total number of networks. The number of APs still using WEP and WPA TKIP is concerning, as the technology underlying these security methods is flawed and open to compromise. No significant finding can be drawn in relation to the open access points, due to not knowing whether a VPN or other upstream authentication mechanism was employed