Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,

Published byMagnus Gaines Modified over 8 years ago

Similar presentations

Presentation on theme: "Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,"— Presentation transcript:

1 Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies, Inc. bhagyavati@colstate.edu summers_wayne@colstate.edu tony@research.telcordia.com

2 Agenda 1. Introduction 2. First Generation WLANs 3. Second Generation WLANs 4. Curricula Issues 5. Conclusions

3 Introduction Ubiquitous wireless networks –Uncontrolled media / self-deploying network –Wired vs. Wireless networks –Early WLANs slow and not very secure –Today’s WLANs have more choices for enhanced security, but are still flawed Need to incorporate WLAN and WLAN security concepts in our curriculum

4 WLANs Ad-Hoc [Independent Basic Service Set (IBSS)] - computers talk directly to each other. Basic Infrastructure [Basic Service Set (BSS)] Network - all traffic passes through a wireless access point. Infrastructure [Extended Service Set (ESS)] Network - traffic passes through multiple wireless access points.

5 First Generation WLANs The IEEE 802.11 - specification allows for the wireless transmission of raw data at indoor distances from several dozen to several hundred feet and outdoor distances of several to tens of miles using Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)Carrier Sense Multiple AccessCSMA/CA –802.11b - 11 Mbps using the 2.4 GHz –802.11a – 54 Mbps using the 5 GHz band –802.11g – 54 Mbps using 2.4 GHz –802.11n – 540 Mbps (supports MIMO)

6 First Generation WLANs –Minimal set of security features in 802.11b standard Service Set Identifier (SSID) Medium Access Control (MAC) address filters Wired Equivalent Privacy (WEP) encryption – 64-bit RC4 data encryption (flawed) [128-bit WEP also available] –Does prevent casual “eavesdropping” (if turned on) –Requires a sharing of the key between each mobile device and the access point –No procedure for key management

7 First Generation WLANs –Main Security Vulnerabilities Security settings are not enabled by default By default, access points broadcast SSID in clear text MAC address of valid client can be “sniffed” and then spoofed WEP is easily broken, only authenticates client Rogue access points are easy to deploy Man-in-the-middle attacks WLANs are easily crashed by DoS attacks

8 First Generation WLANs –Security Controls Turn off the broadcast SSIDs Use automated MAC-based access control mechanisms Enable WEP encryption Lower power levels of access points / limit transmission rates (11 / 5.5 Mbps)

9 Second Generation WLANs WPA (Wi-Fi Protected Access) – interim encryption standard: FLAWED 802.11i –Temporal Key Integrity Protocol (TKIP) uses RC4 generates new key every 10 Kb hashes Initialization Vector Message Integrity Check –Advanced Encryption Standard (AES)

10 Second Generation WLANs 802.1X: Framework for Authentication (EAP – Extensible Authentication Prototcol) –Transport Layer Security (EAP-TLS): used in 802.1X clients for Windows XP –Lightweight EAP (LEAP): CISCO product used in Aironet products (dynamic WEP) –Protected EAP (PEAP): CISCO/Microsoft/RSA – doesn’t require certificates; supports dynamic WEP –Tunneled Transport Layer Security (EAP-TTLS): Funk Software/Certicom – only requires server certification

11 Second Generation WLANs VPN (Virtual Private Network) Wireless Gateway (simplifies roaming and provides opportunity to implement QoS) AirDefense – WLAN Monitoring AirFortress – provides for encryption at the MAC layer, hiding data and network information

12 Policies, Training, & Awareness Physical location of access points Logical location of access points (in DMZ) Ban rogue access points (monitor) Disable ad-hoc (peer-to-peer) mode on all clients Properly configure all devices Standardize on one vendor Perform frequent site surveys Monitor logs Keep patches up to date

13 Curricula Issues Where? –Networking and Network Management Courses –Introductory Security Courses –Network Security Courses –Cryptography Course (look at RC4/WPA/AES encryption algorithms)

14 Curricula Issues What? –Policy Standards for wireless networks –Designing wireless networks –Securing wireless networks –look at encryption algorithms (RC4, WPA, AES) –Look at standards (802.11i, 802.1X)

15 Curricula Issues How? –Design Wireless Network Policy –Work with University IT Department to help survey security for campus wireless network –Installing and testing wireless networks –War-driving (discuss ethical issues) –Attack / Defend Exercises

16 Conclusions Ubiquitous wireless networks –Home use –Coffee shops, local communities –IEEE 802.16 (WiMAX) - 75 Mb/sec, up to 30 miles Need to teach students how to secure them

17 Resources Wireless Security Blackpaper - http://arstechnica.com/paedia/w/wireless/securit y-1.html http://arstechnica.com/paedia/w/wireless/securit y-1.html Wireless LAN Security FAQ - http://www.iss.net/wireless/WLAN_FAQ.php http://www.iss.net/wireless/WLAN_FAQ.php The Unofficial 802.11 Security Web Page - http://www.drizzle.com/~aboba/IEEE/ http://www.drizzle.com/~aboba/IEEE/ Wireless Network Security 802.11, Bluetooth and Handheld Devices - http://csrc.nist.gov/publications/nistpubs/800- 48/NIST_SP_800-48.pdf http://csrc.nist.gov/publications/nistpubs/800- 48/NIST_SP_800-48.pdf

18 Questions?

19

Download ppt "Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,"

Similar presentations

Security in Wireless Networks Juan Camilo Quintero D. 1041718.

Security in Wireless Networks Juan Camilo Quintero D
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.

MITP | Master of Information Technology Program Securing Wireless LAN using Cisco-based technology Campus Crew Study Group Paul Matijevic Ed McCulloch.
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.

DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
802.1x EAP Authentication Protocols

802.1x EAP Authentication Protocols
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 Security Olga Torstensson Halmstad University.

© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 Security Olga Torstensson Halmstad University.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Top-Down Network Design Chapter Eight Developing Network Security Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.

Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.

Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.
Securing a Wireless Network. Wireless networks are rapidly becoming pervasive. How many of you have web-enabled cell phones? How many of you have web-enabled.

Securing a Wireless Network. Wireless networks are rapidly becoming pervasive. How many of you have web-enabled cell phones? How many of you have web-enabled.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University

Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University

Similar presentations

Ads by Google