Privacy In Wireless Networks - PowerPoint PPT Presentation

1 / 35
About This Presentation
Title:

Privacy In Wireless Networks

Description:

The Institute of Electrical and Electronic Engineers (IEEE) has defined a LAN as ' ... from authorized network users, inadvertently opening doors for intruders. ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 36
Provided by: cse54
Learn more at: https://www.cse.unt.edu
Category:

less

Transcript and Presenter's Notes

Title: Privacy In Wireless Networks


1
Privacy In Wireless Networks
  • Priyanka Kadiyala

2
Introduction
  • A network consists of 2 or more computers that
    are linked in order to share resources. They may
    be linked through cables, telephone lines or
    radio waves.
  • Wired Wireless networks

3
(No Transcript)
4
Local Area Network
  • The Institute of Electrical and Electronic
    Engineers (IEEE) has defined a LAN as a datacomm
    system allowing a number of independent devices
    to communicate directly with each other, within a
    moderately sized geographic area over a physical
    communications channel of moderate rates.

5
  • Distributed File Storing, Remote Computing,
    Messaging.

6
Security Privacy Of A Network
  • Security Protection of networks and their
    services from unauthorized modification,
    destruction, or disclosure.
  • Privacy Protecting confidential details of a
    person or a network.
  • Threats vulnerabilities effect security of a
    network, which in turn, implies that the privacy
    of the network becomes insecure.

Privacy
Security
7
Threats
  • A threat can be any person, object, or event
    that, if realized, could potentially cause damage
    to the LAN. Threats can be malicious, such as the
    intentional modification of sensitive
    information, or can be accidental, such as an
    error in a calculation, or the accidental
    deletion of a file.

8
Vulnerabilities
  • Vulnerabilities are weaknesses in a LAN that can
    be exploited by a threat. For example,
    unauthorized access (the threat) to the LAN could
    occur by an outsider guessing an obvious
    password.
  • Reducing or eliminating the vulnerabilities of
    the LAN can reduce or eliminate the risk of
    threats to the LAN.

9
Security Concerns in a LAN
  • Distributed File Storing Inadequate protection
    mechanisms on the local workstation. For example,
    a personal computer (PC) may provide minimal or
    no protection of the information stored on it. A
    user that copies a file from the server to the
    local drive on the PC loses the protection
    afforded the file when it was stored on the
    server.

10
Remote Computing - Concerns
  • Remote computing must be controlled so that only
    authorized users may access remote components and
    remote applications. The inability to
    authenticate can lead to unauthorized users being
    granted access to remote servers and applications.

11
Topologies Protocols - Concerns
  • The topologies and protocols used today demand
    that messages be made available to many nodes in
    reaching the desired destination. This is much
    cheaper and easier to maintain than providing a
    direct physical path from every machine to every
    machine.

12
  • Threats - active and passive wiretapping.
  • Passive wiretapping includes not only information
    release but also traffic analysis.
  • Active wiretapping includes message stream
    modifications (including modification, delay,
    duplication, deletion or counterfeiting).

13
Other concerns
  • Other LAN security problems include -inadequate
    LAN management and security policies, lack of
    training for proper LAN usage and security,
    inadequate protection mechanisms in the
    workstation environment, and inadequate
    protection during transmission.
  • Inadequately protected email can easily be
    captured, and perhaps altered and retransmitted,
    effecting both the confidentiality and integrity
    of the message.

14
Wireless networks
  • Wireless devices use Radio Frequency (RF) to
    facilitate communication.
  • Various types of wireless communication
    solutions use different frequencies, mostly
    regulated by governments.
  • 802.11 and Bluetooth operate in the 2.4Ghz band.
  • Wide Area Networks (WANs) using GPRS, GSM, etc.
  • Local Area Networking (LANs) using 802.11b.
  • Personal Area Networking (PANs) using Bluetooth.

15
WLAN
  • Medium range. Around 150-200ft.
  • Can be extended using directional antenna,
    repeaters,etc.
  • Benefits
  • Removes need for cabling infrastructure.
  • Rapid deployment.
  • How does it work?
  • Clients associate to Access Points (APs)
    Infrastructure Mode.
  • Clients form peer-to-peer network -Ad-Hoc
    Mode.

16
(No Transcript)
17
Bluetooth PAN
  • Short range (around 10m or 30 feet).
  • Short range cable replacement technology, used
    to transmit both voice and data.
  • Gadget oriented.

18
IEEE 802.11 Standard
  • Defines the physical layers and the MAC sublayers
    for the wireless LANs.
  • Frequency Hopping Spread Spectrum Radio, Direct
    Sequence Spread Spectrum Radio and Baseband
    Infrared.
  • Data rate - 2 Mbps 2400 - 2483.5 MHz frequency
    band.
  • Two authentication schemes Open System
    Authentication and Shared Key Authentication.
    OSAnull authentication.

19
WEP Weaknesses
  • Confidentiality Prevent casual eavesdropping.
  • Access Control Protect access to a wireless
    network infrastructure.
  • Data Integrity Prevent tampering with
    transmitted messages.
  • WEP relies on the difficulty of discovering the
    secret key through force.

20
Threats to Wireless Networks
  • When transmissions are broadcast over radio
    waves, interception and masquerading becomes
    trivial to anyone with a radio, and so there is a
    need to employ additional mechanisms to protect
    the communications.
  • Privacy Security threats in wireless networks
    can be Internal or external.
  • Internal Rogue access points and Incorrectly
    configured access points.
  • External Eavesdropping, Identity theft, War
    driving, Man-in-the-middle attacks,etc.

21
Eavesdropping
  • Eavesdropping is very easy in the radio
    environment, when one sends a message over the
    radio path, anyone equipped with a suitable
    transceiver in the range of the transmission can
    eavesdrop the message. Undetectable.

22
Parking Lot Attack - Eavesdropping
23
Transitive Trust
  • In wired networks we can always track the wire
    from our computer to the next network node, but
    in the wireless environment there is no such way
    to find out with whom we are talking to. In all
    cases both parties of the transmission should be
    able to authenticate each others.
  • The only real protection against this kind of
    attacks is the strong authentication mechanism of
    the mobiles accessing the wireless LAN.

24
(No Transcript)
25
Man-In-The-Middle Attacks
  • The attacker positions himself between the victim
    and the device with which the victim is trying to
    communicate. The attacker can impersonate the
    receiver with respect to the sender, and the
    sender with respect to the receiver, without
    having either of them realize that they have been
    attacked.
  • An attacker can also impersonate a user. By
    monitoring the frame transmissions, a hacker can
    program a rogue radio NIC to mimic a valid one.
    In this way, the rogue radio NIC steals the
    ongoing session for which the valid user had
    logged into.

26
(No Transcript)
27
Identity Theft
  • Service Set Identifiers (SSIDs), static WEP
    authentication and Media Access Control (MAC)
    addresses are often used to verify that clients
    are authorized to connect with an AP. However,
    knowledgeable intruders can pick up approved
    SSIDs and MAC addresses to connect to a WLAN as
    an authorized user.

28
Internal Threats
  • Rogue APs - Rogue WLANs can be attached to
    corporate networks from authorized network users,
    inadvertently opening doors for intruders.
  • Incorrectly configured APs Radio waves broadcast
    by wireless base stations are relatively
    powerful, and residential neighbors or adjacent
    businesses may connect to each other's wireless
    networks.
  • Many APs are initially configured to openly
    broadcast SSIDs of authorized users. SSIDs can be
    incorrectly used as passwords to verify
    authorised users, which allow intruders to easily
    steal an SSID and assume the identity of an
    authorized user.

29
Wardriving
  • An unauthorized user uses his mobile device to
    access a network.
  • Incorrectly configured APs may broadcast their
    SSID so that any passer by with the equipment can
    associate and begin sharing a networks Internet
    connection.

30
IEEE 802.11i Standard
  • Addresses the weaknesses of 802.11 data privacy
    by incorporating Temporal Key Integrity Protocol
    (TKIP), plus a sophisticated keying system that
    ties together the data privacy and authentication
    functions.

31
Possible Solutions
  • Activate WEP at the very least - The use of
    standard 802.11 WEP for networks where there is
    low risk of attack by actual hackers is a minimum
    for any security policy.
  • Ensure only authorized people can reset the
    access points. Some access points will revert
    back to factory default settings (i.e., no
    security at all) when someone pushes the reset
    button on the access point. This makes the access
    point a fragile entry point for a hacker to
    extend their reach into the network. As a result,
    provide adequate physical security for the access
    point hardware.

32
  • Properly install all access points. Don't leave
    access points within easy reach of a hacker who
    can replace a legitimate safeguarded access point
    with an unsecured, rogue access point that
    accepts access from any user.
  • Disable access points during non-usage periods.
  • Assign "strong" passwords to access points.
  • Reduce propagation of radio waves outside the
    facility. Through the use of directional
    antennas, you can direct the propagation of radio
    waves inside the facility and reduce the
    "spillage" outside the perimeter. Reduces the
    ability for someone to jam the WLAN from outside
    the perimeter of the facility.

33
Questions
  • Why does wireless need more security?
  • What are the impacts of such threats
    vulnerabilities?
  • What is the solution?

34
References
  • http//csrc.nist.gov/publications/fips/fips191/fip
    s191.pdf
  • http//www.tml.tkk.fi/Opinnot/Tik-110.501/1997/wir
    eless_lan.htmlThreats
  • http//www.pentest.co.uk/documents/wless-salford.p
    df
  • http//libproxy.library.unt.edu2696/iel5/10753/33
    896/01615051.pdf?tparnumber1615051isnumber338
    96

35
Thank you
Write a Comment
User Comments (0)
About PowerShow.com