Privacy In Wireless Networks

1
Privacy In Wireless Networks

• Priyanka Kadiyala

2
Introduction

• A network consists of 2 or more computers that
  are linked in order to share resources. They may
  be linked through cables, telephone lines or
  radio waves.
• Wired Wireless networks

3
(No Transcript)
4
Local Area Network

• The Institute of Electrical and Electronic
  Engineers (IEEE) has defined a LAN as a datacomm
  system allowing a number of independent devices
  to communicate directly with each other, within a
  moderately sized geographic area over a physical
  communications channel of moderate rates.

5

• Distributed File Storing, Remote Computing,
  Messaging.

6
Security Privacy Of A Network

• Security Protection of networks and their
  services from unauthorized modification,
  destruction, or disclosure.
• Privacy Protecting confidential details of a
  person or a network.
• Threats vulnerabilities effect security of a
  network, which in turn, implies that the privacy
  of the network becomes insecure.

Privacy
Security
7
Threats

• A threat can be any person, object, or event
  that, if realized, could potentially cause damage
  to the LAN. Threats can be malicious, such as the
  intentional modification of sensitive
  information, or can be accidental, such as an
  error in a calculation, or the accidental
  deletion of a file.

8
Vulnerabilities

• Vulnerabilities are weaknesses in a LAN that can
  be exploited by a threat. For example,
  unauthorized access (the threat) to the LAN could
  occur by an outsider guessing an obvious
  password.
• Reducing or eliminating the vulnerabilities of
  the LAN can reduce or eliminate the risk of
  threats to the LAN.

9
Security Concerns in a LAN

• Distributed File Storing Inadequate protection
  mechanisms on the local workstation. For example,
  a personal computer (PC) may provide minimal or
  no protection of the information stored on it. A
  user that copies a file from the server to the
  local drive on the PC loses the protection
  afforded the file when it was stored on the
  server.

10
Remote Computing - Concerns

• Remote computing must be controlled so that only
  authorized users may access remote components and
  remote applications. The inability to
  authenticate can lead to unauthorized users being
  granted access to remote servers and applications.

11
Topologies Protocols - Concerns

• The topologies and protocols used today demand
  that messages be made available to many nodes in
  reaching the desired destination. This is much
  cheaper and easier to maintain than providing a
  direct physical path from every machine to every
  machine.

12

• Threats - active and passive wiretapping.
• Passive wiretapping includes not only information
  release but also traffic analysis.
• Active wiretapping includes message stream
  modifications (including modification, delay,
  duplication, deletion or counterfeiting).

13
Other concerns

• Other LAN security problems include -inadequate
  LAN management and security policies, lack of
  training for proper LAN usage and security,
  inadequate protection mechanisms in the
  workstation environment, and inadequate
  protection during transmission.
• Inadequately protected email can easily be
  captured, and perhaps altered and retransmitted,
  effecting both the confidentiality and integrity
  of the message.

14
Wireless networks

• Wireless devices use Radio Frequency (RF) to
  facilitate communication.
• Various types of wireless communication
  solutions use different frequencies, mostly
  regulated by governments.
• 802.11 and Bluetooth operate in the 2.4Ghz band.
• Wide Area Networks (WANs) using GPRS, GSM, etc.
• Local Area Networking (LANs) using 802.11b.
• Personal Area Networking (PANs) using Bluetooth.

15
WLAN

• Medium range. Around 150-200ft.
• Can be extended using directional antenna,
  repeaters,etc.
• Benefits
• Removes need for cabling infrastructure.
• Rapid deployment.
• How does it work?
• Clients associate to Access Points (APs)
  Infrastructure Mode.
• Clients form peer-to-peer network -Ad-Hoc
  Mode.

16
(No Transcript)
17
Bluetooth PAN

• Short range (around 10m or 30 feet).
• Short range cable replacement technology, used
  to transmit both voice and data.
• Gadget oriented.

18
IEEE 802.11 Standard

• Defines the physical layers and the MAC sublayers
  for the wireless LANs.
• Frequency Hopping Spread Spectrum Radio, Direct
  Sequence Spread Spectrum Radio and Baseband
  Infrared.
• Data rate - 2 Mbps 2400 - 2483.5 MHz frequency
  band.
• Two authentication schemes Open System
  Authentication and Shared Key Authentication.
  OSAnull authentication.

19
WEP Weaknesses

• Confidentiality Prevent casual eavesdropping.
• Access Control Protect access to a wireless
  network infrastructure.
• Data Integrity Prevent tampering with
  transmitted messages.
• WEP relies on the difficulty of discovering the
  secret key through force.

20
Threats to Wireless Networks

• When transmissions are broadcast over radio
  waves, interception and masquerading becomes
  trivial to anyone with a radio, and so there is a
  need to employ additional mechanisms to protect
  the communications.
• Privacy Security threats in wireless networks
  can be Internal or external.
• Internal Rogue access points and Incorrectly
  configured access points.
• External Eavesdropping, Identity theft, War
  driving, Man-in-the-middle attacks,etc.

21
Eavesdropping

• Eavesdropping is very easy in the radio
  environment, when one sends a message over the
  radio path, anyone equipped with a suitable
  transceiver in the range of the transmission can
  eavesdrop the message. Undetectable.

22
Parking Lot Attack - Eavesdropping
23
Transitive Trust

• In wired networks we can always track the wire
  from our computer to the next network node, but
  in the wireless environment there is no such way
  to find out with whom we are talking to. In all
  cases both parties of the transmission should be
  able to authenticate each others.
• The only real protection against this kind of
  attacks is the strong authentication mechanism of
  the mobiles accessing the wireless LAN.

24
(No Transcript)
25
Man-In-The-Middle Attacks

• The attacker positions himself between the victim
  and the device with which the victim is trying to
  communicate. The attacker can impersonate the
  receiver with respect to the sender, and the
  sender with respect to the receiver, without
  having either of them realize that they have been
  attacked.
• An attacker can also impersonate a user. By
  monitoring the frame transmissions, a hacker can
  program a rogue radio NIC to mimic a valid one.
  In this way, the rogue radio NIC steals the
  ongoing session for which the valid user had
  logged into.

26
(No Transcript)
27
Identity Theft

• Service Set Identifiers (SSIDs), static WEP
  authentication and Media Access Control (MAC)
  addresses are often used to verify that clients
  are authorized to connect with an AP. However,
  knowledgeable intruders can pick up approved
  SSIDs and MAC addresses to connect to a WLAN as
  an authorized user.

28
Internal Threats

• Rogue APs - Rogue WLANs can be attached to
  corporate networks from authorized network users,
  inadvertently opening doors for intruders.
• Incorrectly configured APs Radio waves broadcast
  by wireless base stations are relatively
  powerful, and residential neighbors or adjacent
  businesses may connect to each other's wireless
  networks.
• Many APs are initially configured to openly
  broadcast SSIDs of authorized users. SSIDs can be
  incorrectly used as passwords to verify
  authorised users, which allow intruders to easily
  steal an SSID and assume the identity of an
  authorized user.

29
Wardriving

• An unauthorized user uses his mobile device to
  access a network.
• Incorrectly configured APs may broadcast their
  SSID so that any passer by with the equipment can
  associate and begin sharing a networks Internet
  connection.

30
IEEE 802.11i Standard

• Addresses the weaknesses of 802.11 data privacy
  by incorporating Temporal Key Integrity Protocol
  (TKIP), plus a sophisticated keying system that
  ties together the data privacy and authentication
  functions.

31
Possible Solutions

• Activate WEP at the very least - The use of
  standard 802.11 WEP for networks where there is
  low risk of attack by actual hackers is a minimum
  for any security policy.
• Ensure only authorized people can reset the
  access points. Some access points will revert
  back to factory default settings (i.e., no
  security at all) when someone pushes the reset
  button on the access point. This makes the access
  point a fragile entry point for a hacker to
  extend their reach into the network. As a result,
  provide adequate physical security for the access
  point hardware.

32

• Properly install all access points. Don't leave
  access points within easy reach of a hacker who
  can replace a legitimate safeguarded access point
  with an unsecured, rogue access point that
  accepts access from any user.
• Disable access points during non-usage periods.
• Assign "strong" passwords to access points.
• Reduce propagation of radio waves outside the
  facility. Through the use of directional
  antennas, you can direct the propagation of radio
  waves inside the facility and reduce the
  "spillage" outside the perimeter. Reduces the
  ability for someone to jam the WLAN from outside
  the perimeter of the facility.

33
Questions

• Why does wireless need more security?
• What are the impacts of such threats
  vulnerabilities?
• What is the solution?

34
References

• http//csrc.nist.gov/publications/fips/fips191/fip
  s191.pdf
• http//www.tml.tkk.fi/Opinnot/Tik-110.501/1997/wir
  eless_lan.htmlThreats
• http//www.pentest.co.uk/documents/wless-salford.p
  df
• http//libproxy.library.unt.edu2696/iel5/10753/33
  896/01615051.pdf?tparnumber1615051isnumber338
  96

35
Thank you