Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009

Click here to load reader

download Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009

of 16

  • date post

    28-Jan-2016
  • Category

    Documents

  • view

    224
  • download

    0

Embed Size (px)

Transcript of Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009

  • Wireless Network SecurityBy Patrick Yount andCIS 4360Fall 2009

  • Taking Steps Towards a Wireless World

  • What is a Wireless Network?A group of connected devices that communicate through the air by means of electromagnetic waves, such as radio waves.

  • Types of Wireless NetworksWPANs dynamically connect devices within a relatively small area; maintain random network configurations.i.e. Bluetooth, ad-hoc networksWLANs connect devices over a more broad area, known as a cell. Can be found in our homes, libraries, and coffee shops.i.e. Wi-Fi, laser bridges

  • Types of Wireless NetworksWMANs are the connection of multiple WLANs and may span an entire city or college campus.i.e. WiMAXMobile device networks which are used by our cell phones.i.e. GSM (2G), 3G cellular networks

  • Wireless ApplicationsLaptopsCellular phonesHeadphonesKeyboardsPrintersSpeakersGlobal Positioning Systems (GPS)Laser BridgesEmergency ServicesRoboticsBiotechnologyNanotechnologyRadio Frequency Identification (RFID) transpondersThe possibilities are endless!

  • What is RFID?By means of a simple integrated circuit and an antenna, RFID tags can quickly and reliably identify nearly anything when scanned with an RFID reader.

  • Radio Frequency IdentificationThree types:Passive does not have a power supply.Active has a power supply that powers the transmission.Semi-passive has a power supply that powers the chip, but not the transmission.

  • Our ResponsibilityWe must understand and adequately address the inherent security risks involved with wireless networking.Physical theftBe aware of your surroundings.Secure your devices when they are not in use.Wireless medium

  • Wireless Network Security.

  • Types of unauthorized access :

    -Accidental association-Malicious association-Ad-hoc networks -Non-traditional networks

  • Types of unauthorized access :

    -Identity theft (MAC spoofing)-Man-in-the-middle attacks- Denial of service-Network injection- Caf Latte attack

  • Counteracting security risks

    All wireless LAN devices need to be securedAll users of the wireless network need to be educated in wireless network securityAll wireless networks need to be actively monitored for weaknesses and breaches

  • There are some very good cryptographic tools that can be used to protect digital resources.Many of these tools have proven securityThe problem is usually bad implementationsThe best cryptographic security is point-to-point security (such as VPN) The source & destination are mutually authenticated (with public key cryptography)exchange privately a fresh secret key (with public key cryptography)use symmetric key encryption scheme to encrypt exchanged data (with symmetric key cryptography

  • Point-to-point securityAuthentication usually involves certificates (a trusted third party certifies the public key of the entities) and a cryptographic handshake.WIMAX uses the Extensible Authentication Protocol for this purpose. For encryption it uses block ciphers such as DES3 or AESThis offers protection at the protocol layerThere are still problems at the physical layer, such as jamming attacks (Denial-of-Service), or flooding attacksSecurity vs. functionality tradeoffRule of thumb: the more security the less functionality

  • Anywhere we look nowadays, chances are we can find someone checking their e-mail on their cell phonechatting through their Bluetooth headsetor paying bills on a laptop. However, as we incorporate wireless networking devices into our lives, we must understand the risks involved with wireless networking.But before we can analyze any potential security threats associated with a wireless network, we should understand, at the most basic level, what a wireless network is. So as a simple definition, a wireless network is a group of connected devices that communicate through the air by means of electromagnetic waves; as opposed to communicating through expensive copper or optical cables as their wired counterparts do.There are several types of wireless networks:Wireless Personal Area Networks dynamically connect devices usually within reach of a person and maintain random network configurations. i.e. Bluetooth and ad-hoc networks.Wireless Local Area Networks, which connect devices in most of our homes and libraries by means of Wi-Fi. A WLAN has the ability to connect devices over a relatively broad area, known as a cell. Another example is laser bridges which use fixed wireless technology to transmit data between buildings.WLANs are standardized under the IEEE 802.11 series (which we will get into later).Wireless Metropolitan Area Networks are often just the connection of multiple WLANs. They may span an entire city and are prevalent on college campuses.Finally, mobile device networks, which are used by our cell phones. i.e. Global System for Mobile Communication and most recently the 3G cellular networks.Many everyday devices other than laptops and cell phones have wireless networking capability.Bluetooth headphones, mice, keyboards, printers, and speakers are gaining in popularity as technology improves and prices become more realistic.Global Positioning Systems which at one time were only used by the government are now built into many cell phones and cars, allowing us to get directions or pinpoint our current location.Police stations and Fire departments use various wireless devices to improve emergency response time and efficiency.But perhaps the wireless technology with the most potential is also the one that comes at the lowest cost, that is, Radio frequency identification (RFID) transponders.What exactly is radio frequency identification?Well, simply put, an RFID tag is a small microchip composed of an integrated circuit and an antenna that can quickly and reliably identify nearly anything when scanned with an RFID reader.When placed in manufactured goods, RFID tags cut costs associated with managing inventory and tracking goods.Interstates and highways use RFIDs to identify vehicles, allowing drivers to pay tolls without stopping.Even people may have RFIDs implanted for identification purposes.

    There are three types of RFID tags:Passive tags, which do not have a power supply. An incoming signal provides enough power to allow the tag to power up and transmit a backscatter response. Many everyday manufactured goods use passive tags, which can cost as little as a few cents.Active tags have their own power supply. They start a session with the RFID reader and transmit at a higher power level than passive tags. Decreasing the opportunity for interference gives active tags more versatility and allows them to be placed in cattle, pets, and even ourselves.Finally, semi-passive tags have a power supply that powers the chip, but does not power the transmission of a response. They have a longer battery life cycle than active tags (may last upwards of 10 years) and are more sensitive than passive tags.The potential of wireless technology seems to be infinite as new applications are discovered everyday bringing increased functionality to our fingertips; however, incorporating wireless networking into our business and personal lives comes with the responsibility of understanding and adequately managing the inherent security risks.First of all, users must understand that the mere portability of wireless devices makes them susceptible to physical theft. With Blackberrys and iPhones costing upwards of $200 they are an easy target for any thief, so users need to be aware of their surroundings, and secure their devices when they are not being used.The most obvious source of new risks, however, is the medium through which the devices communicate, air. Airwaves are open to both trusted users and crackers alike, so we need to understand a signal can be intercepted with ease by anyone.