attacks and defense strategies in a wireless local area network course: csci5235 instructor: dr....

Attacks and defense strategies in a wireless local

area network

Course: CSCI5235Instructor: Dr. Andrew T. YangStudent: Fan Yang

Agenda What is wireless local area network? 802.11 Wireless security Threats or attacks in wireless local

area network Defense strategies References

Wireless Local Area Network

802.11 IEEE 802.11 is a set of standards for wireless local

area network (WLAN) computer communication, developed by the IEEE LAN/MAN Standards Committee (IEEE 802) in the 5 GHz and 2.4 GHz public spectrum bands.

http://en.wikipedia.org/wiki/802.11

Wireless Security

In December 2004, a class of 100 undergraduates worked to map the city of Seattle, Washington over several weeks. They found 5,225 access points; 44% were secured with WEP encryption, 52% were open, and 3% were pay-for-access. [4]

Possible threats or attacks in wireless local area network

Observations on Packets Captured Rogue Access Points Spoofing Denial of Service (DoS) Attacks Man-In-The-Middle Attacks Weakness of WEP

Weakness of WEP

Wired Equivalent Privacy (WEP) WEP

RC4 64 bit 128 bit more secure (bit slower speed) Pass phrase

Wireless signals are easy to intercept and WEP security is fairly simple to crack given the right tools.

AirSnort, WEPCrack, AirCrack.

Weakness of WEP

Man-In-The-Middle Attacks

Defense strategies Wi-Fi Protected Access (WPA and

WPA2) Against Spoofing Against Flooding attack Against Eavesdropping Against DoS attack Virtual Private Networks (VPN)

WPA and WPA2

The recommended solution to WEP security problems is to switch to WPA2 or the less resource intensive WPA.One major improvement in the protocol over WEP is the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. When combined with the much larger initialization vector, this provides greatly improved protection against the well-known key recovery attacks on WEP.RADIUS authentication

References 1) http://en.wikipedia.org/wiki/Wardriving 2) Lawan A. Mohammed and Biju Issac,

“DoS Attacks and Defense Mechanisms in Wireless Networks”, Mobile Technology, Applications and Systems, 2005 2nd International Conference on15-17 Nov. 2005 Page(s):8 pp.

3) Bradley Morgan, “Wireless Security Attacks and Defenses”, White paper, Available online: http://www.windowsecurity.com/whitepapers/Wireless-Security-Attacks-Defenses.html

4) Dan Schade, “Wireless Attacks and Defense”, Available online: http://www.infosecwriters.com/text_resources/pdf/Wireless_Attacks_DSchade.pdf