Thesis Proposal Defense - PowerPoint PPT Presentation

About This Presentation

Title:

Thesis Proposal Defense

Description:

Title: C5931 Web Security - Project Demo Author: SCE Last modified by: SCE Created Date: 5/5/2004 3:36:16 AM Document presentation format: On-screen Show – PowerPoint PPT presentation

Number of Views:11000

Avg rating:3.0/5.0

Slides: 23

Provided by: sce9

Learn more at: http://sce.uhcl.edu

Category:

more less

Transcript and Presenter's Notes

Title: Thesis Proposal Defense

1
Thesis Proposal Defense
Performance and Security in a Distributed
Wireless Networking Environment
Committee Dr. Andrew Yang Dr. Alfredo
Perez-Davila Ms. Wei Ding

Presented by
Karthik Sadasivam

2
Motivation and Background

Wireless networks are being used in almost every
organization today
Latest trend in wireless networks is pervasive
and ubiquitous computing catering to both
nomadic and fixed users anytime and anywhere
802.11 or Wi-fi standards for Wireless Local
Area Networks ( 802.11a, 802.11b, 802.11g,
802.11i) is most commonly used in enterprises
today
Distributed wireless networks are deployed over a
wide geographic area and consist of mobile
clients and base stations
Two factors of prime importance in these networks
Performance and Security
Achieving an optimal balance between these two
factors in such networks is an ongoing research
problem

3
Wireless Networks A Taxonomy

Single-hop cellular networks

Multi-hop cellular networks

Ad hoc networks

4
Wireless Local Area Networks (WLANs)

A Wireless Local Area Network consists of a set
of mobile clients communicating via an access
point (AP).
IEEE 802.11 - adopted international standard for
wireless LANs
Transmission speeds ranging from 1 Mbps to 54
Mbps in either the 2.4 GHz or 5 GHz frequency
bands
Various standards for IEEE 802.11 802.11a,
802.11b, 802.11g, 802.11i
802.11 protocol has been found to be vulnerable
to several types of attacks such as DoS, WEP key
vulnerability, rogue APs

5
Ultra WideBand (UWB) Networks

Latest standard for high speed wireless networks
(200-400 Mbps range)
It works on impulse radio (short pulses of
picoseconds duration) rather than carrier based
radio
US FCC has allocated a spectrum between 3.1 and
10.6 GHz
Initially it was used in radar communications
Current research aims at the development of
Physical and higher layer protocols for its use
in WPANs and WMANs (IEEE 802.15 group for WPANs
for PHY layer)

6
Distributed Wireless Networks

Usage Scenarios enterprise-wide wireless
network management, Battlefield, geographic
survey operations, search and rescue operations

7
Typical Configurations

Fixed Access Point - Single Hop Networks
Fixed path mobile clients

8
Typical Configurations (contd.)

Fixed Access Point - Single Hop Networks
Variable path (roaming) mobile clients

9
Typical Configurations (contd.)

Mobile Access points Multi Hop Networks

10
Performance Factors

The following are factors which affect
performance of wireless networks in general
Number of nodes Since bandwidth is shared
equally among all nodes, the performance and
throughput decreases as more nodes enter the
network
The underlying protocol Each layer of the
TCP/IP protocol suite adds its own header, which
tends to affect the performance considerably.
The topology In case of a dynamically changing
topology (for example, in ad hoc networks), the
nodes have to maintain routing tables, which have
to be recalculated every time a node leaves a
current network and enters a new network

11
Performance Factors (contd.)

Fixed Access Point - Single Hop Networks
In addition to the factors listed above, the
following factors are specific to these type of
networks
In the case of fixed path clients, the distance
of the clients from the access point plays an
important role in determining the performance
In the case of roaming mobile clients ,
re-authentication is needed whenever a client
moves away from the range of one access point to
enter the range of another access point (known as
handoff)

12
Performance Factors (contd.)

Performance in Mobile Access Point - Multi Hop
Networks
The following factors have been found to affect
the performance of multi hop wireless networks-
Routing protocols Most of the routing protocols
used for ad hoc networks demand considerable
bandwidth and power
Node speed With increase in node mobility, the
routing overhead and the bit error rate increases
Traffic sources In multi hop networks, the
source of traffic keeps varying constantly. At a
particular instant of time, if we measure the
bandwidth for a particular traffic source, it may
not remain constant over a period of time as the
topology changes.

13
Performance Metrics

Measurement of performance in a wireless network
involves many interdependent factors. We consider
the packet-level metrics only for sake of
simplicity
End-to-End Throughput - Measure of the number of
packets successfully transmitted to their final
destination per unit time.
End-to-End Delay - Average time a packet takes to
reach its destination
Link Utilization - Long term proportion of time
or probability that there is transmission on the
link.
Packet Loss - Ratio of transmitted packets that
may have been discarded or lost in the
network.

.
14
Security issues

In a distributed wireless network composed of
both wired and wireless segments, the threat to
the network is doubled.
Some of the threats are common to both wireless
and wired networks such as-
invasion and resource stealing
traffic redirection
Denial of Service (DoS)
Others are specific to wireless networks such as
Rogue APs, WEP key vulnerability, MAC address
spoofing, etc.
Ad hoc networks introduce more security issues in
routing since there are no inherent security
mechanisms.

.
15
Security issues (contd.)

Authentication is one of the most important
security issues for distributed wireless
networks. The following are types of
authentication methods used
Mutual authentication Both the authenticator
and the user must be able to mutually
authenticate each other, in order to prevent
threats such as rogue access points.
Self-protecting A wireless node must protect
itself from eavesdropping and impersonation
Immune to dictionary attacks
Secure session keys - Session keys provide
message authentication, confidentiality and
integrity for the user session.
User-level authentication
Fast re-authentication important in the case of
roaming clients

.
16
Security issues (contd.)

Classification of Authentication methods
Certificate based methods Such methods use
public key infrastructure (PKI) to authenticate
users. E.g PEAP and EAP
Disadvantage
cost of administration
provides device authentication rather than
user-level authentication
Password based methods They are based on
password authentication mechanism. E.g Ciscos
LEAP
Disadvantage
more prone to attacks such as the
Man-in-the-Middle (MITM)

.
17
Security issues (contd.)

Security in Fixed Access Point - single hop
networks
Reauthentication is a major issue in such
networks
centralized certificate-based authentication
(RADIUS)
Authentication Methods such as EAPOL (EAP over
LAN) used

18
Security issues (contd.)

Security in Mobile Access point Multi Hop
Networks
Inter-Access Point authentication required in
this case. Inter Access Point Protocol is used
for this purpose
Security in routing between mobile hosts-
No centrally administered secure routers
No strict security policies
Highly dynamic nature of MANETs
Current ad hoc protocols trust all participating
nodes.

19
Research Plan

The study of performance will mostly be
simulation-based
A comparison of various factors affecting the
performance will be done and most important ones
will be derived
Test cases will be drawn for these factors
The major security issues in distributed networks
will be studied and the impact of them on the
performance will be analyzed
The results of the security and performance
analysis from these cases will be aggregated and
compared to determine the tradeoffs between these
two factors, so that an optimal solution may be
achieved.

20
Methods and instrumentation