AIS300 - Scheme of Work - Scholarly Commons Home

More documents

Recommendations

Info

superior security technologies like EAP, RADIUS, 802.1X and pre-shared keys. WPA also implements the dynamic keys in TKIP in order to enhanced key management. The usage of “Michael Message Integrity Check” also enforces data integrity in WPA. However, there are still some possible security issues regarding WPA such as the probability of encryption weaknesses in TKIP and the decreasing WLANs performance due to a computational intensive of a more difficult encryption and authentication processes (S. Wong, 2003). 2.5 WLAN Security Issues The WLANs technology has been around for more than ten years and during this period it has gone through tremendous advancement and growth. This however also open up the technology to various security attacks; for example, MAC address spoofing, rogue access point, denial of service (DoS), jamming attacks and also man-in-the-middle attacks (Curran & Smyth, 2005). The security problems associated with WLANs have become a barrier for some organization in implementing the WLANs technology (Erten & Tomur, 2004; Hole, Dyrnes, & Thorsheim, 2005). Developing a good understanding of both the technology and the possible security issues concerning WLANs deployment is essential to fully utilized and gain benefits from this evolving technology. 2.5.1 Security attacks on WLANs There are many types of attacks targeted at WLANs which includes the passive attack, active attack, denial of service attack, man in the middle attack, and rogue access. These security attacks concerning WLANs will be discussed in more details. 2.5.1.1 Passive Attacks Passive attack is described as the action of passively eavesdropping on the WLANs traffics (Xia & Brustoloni, 2005). This attack may be done fairly easily by using a few networks analysis tools that can be downloadable from the Internet such as the Netstumbler, Kismet, and Airsnort (Shimonski, 2003). Information that can be gathered through these software includes the MAC address, the IP address, the association ID for the station, and the SSID of the networks (Corbett, Beyah, & Copeland, 2006). Wong (2003) explained that passive attacks sometime could occur when someone unintentionally accessed a different network while trying to connect to an access point. Passive attacks could also be used to explain the activity of connecting to a network but without changing or using any resources in that network. This may include eavesdropping, traffic analysis and wardriving (Maple, Jacobs, & Reeve, 2006). 14
Passive attacks are mostly undetectable by network administrators and physical network devices due to the passiveness of this activity (Curran & Smyth, 2005; Welch & Lathrop, 2003). 2.5.1.2 Active Attack Shimonski (2003) stated that the activity of passive attacks could accumulate enough information leading attackers to actively attack a wireless network. The main target of active attackers is usually to gain access to a network and then change or modify the resource’s content (J. Wong, 2003). Two activities that can be categorized as active attacks are unauthorized access and spoofing (Shimonski, 2003). Active eavesdropping requires injection of data by the attacker into the communication session in order to decipher the payload. In this process, the attacker will listens to the wireless connection while actively injects messages into the communication session in order to determine the contents of the messages. Active attacks can happen in two ways, the first is when the attacker modifies a packet. Secondly is when the attackers inject completely new packets into the data stream (Welch & Lathrop, 2003). Actively attacking the network can caused the denial of service attack to the WLAN. 2.5.1.3 Denial of Service (DoS attack) The denial of service attack or sometimes referred to as DoS attack is an effort by attackers to make a computer resource unavailable to its anticipated users. The seriousness of this attack is it can cause the network to slow down to a point of being unusable (Maple, Jacobs, & Reeve, 2006). Even though the motives for DoS attacks, the means to conduct it, and the targets of such attack varies, it still involves a rigorous and malicious efforts by the attacker (s) trying to prevent the WLANs services from functioning properly (Carli, Rosetti, & Neri, 2003). Woodward (2005) explained that the attack can be attempted in two ways. The first way to conduct the DoS attack is through the jamming technique which is quite easy to implement and not easily detected. This attack can cause serious interference to the WLAN when done intentionally or unintentionally such as placing a device that operates at the same frequency in the same area as the WLANs. The second way for DoS attack to be done is by exploiting the authentication and encryption weaknesses that exist within the 802.11 itself (Aime, Lioy, & Mazzocchi, 2004). In this attack the wireless node is forced to rejoin the WLANs where the logon and authentication details can be captured while the node is re-associating itself with the AP. The information gathered from this attacks can also lead to another problem, the man in the middle attack (Woodward, 2005). 15
Page 1 and 2: Exploring Wireless Network Security
Page 3 and 4: Attestation of Authorship “I here
Page 5 and 6: Table of Contents ABSTRACT II ATTES
Page 7 and 8: 5.4 SUMMARY 41 CHAPTER 6 CONCLUSION
Page 9 and 10: List of Tables Table 2.1 Overview o
Page 11 and 12: SNMP Simple Network Management Prot
Page 13 and 14: Chapter 1 Introduction Wireless net
Page 15 and 16: Chapter 2 Literature Review 2.1 Int
Page 17 and 18: 2005). The first advantage of this
Page 19 and 20: 2.3.1 802.11a The 802.11a was relea
Page 21 and 22: multiple output” or simply referr
Page 23 and 24: node is expected to decrypt the cha
Page 25: Borisov, Golberg and Wagner (2001)
Page 29 and 30: describe that most access points (A
Page 31 and 32: protocol, and the SSID. Lin et al.
Page 33 and 34: Chapter 3 Research Methodology 3.1
Page 35 and 36: Figure 3.1 The location and path of
Page 37 and 38: listen for any responding probe res
Page 39 and 40: Chapter 4 Results and Analysis 4.1
Page 41 and 42: Manufacturer Detected % D-Link Corp
Page 43 and 44: 4.2.3.2 ESS (AP) In the day scan, 7
Page 45 and 46: 4.2.5.2 Encryption WLAN in Auckland
Page 47 and 48: The research also discovered that t
Page 49 and 50: Network administrator should ensure
Page 51 and 52: includes but not limited to the fol
Page 53 and 54: integrity and availability are the
Page 55 and 56: Chapter 6 Conclusions 6.1 Introduct
Page 57 and 58: 6.6 Concluding remarks The WLANs is
Page 59 and 60: Carli, M., Rosetti, A., & Neri, A.
Page 61 and 62: Jardosh, A., Belding-Royer, E. M.,
Page 63 and 64: Shimonski, R. J. (2003). Wireless A
Page 65 and 66: Appendices Appendix 1: Example of D
Page 67 and 68: Figure A 1 WLANs (Day Scan) Figure
Page 69 and 70: Figure A 5 WLAN (Day Scan) that are
Page 71 and 72: Figure A 9 Wireless (Night Scan) wi
Page 73 and 74: Table A 1 Device Manufacturer (Day
Page 75 and 76: Table A 3 MAC addresses detected in
Page 77 and 78:
Table A 4 MAC addresses detected in
Page 79 and 80:
Table A 5 MAC addresses detected in
Page 81 and 82:
Computer network simulators are ess
Page 83:
Simulator Web Address Type Scale Ne
show all

AIS300 - Scheme of Work - Scholarly Commons Home

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?