Wireless Network Security
By Patrick Yount and
CIS 4360Fall 2009
Taking Steps Towards a Wireless World
Taking Steps Towards a Wireless World
QuickTime™ and a decompressor
are needed to see this picture.
QuickTime™ and a decompressor
are needed to see this picture.QuickTime™ and a
decompressorare needed to see this picture.
QuickTime™ and a decompressor
are needed to see this picture.
What is a Wireless Network?
What is a Wireless Network?
A group of connected devices that communicate through the air by means of electromagnetic waves, such as radio waves.
A group of connected devices that communicate through the air by means of electromagnetic waves, such as radio waves.
Types of Wireless Networks
Types of Wireless Networks
WPAN’s dynamically connect devices within a relatively small area; maintain random network configurations.i.e. Bluetooth, ad-hoc networks
WLAN’s connect devices over a more broad area, known as a cell. Can be found in our homes, libraries, and coffee shops.i.e. Wi-Fi, laser bridges
WPAN’s dynamically connect devices within a relatively small area; maintain random network configurations.i.e. Bluetooth, ad-hoc networks
WLAN’s connect devices over a more broad area, known as a cell. Can be found in our homes, libraries, and coffee shops.i.e. Wi-Fi, laser bridges
Types of Wireless Networks
Types of Wireless Networks
WMAN’s are the connection of multiple WLAN’s and may span an entire city or college campus.i.e. WiMAX
Mobile device networks which are used by our cell phones.i.e. GSM (2G), 3G cellular networks
WMAN’s are the connection of multiple WLAN’s and may span an entire city or college campus.i.e. WiMAX
Mobile device networks which are used by our cell phones.i.e. GSM (2G), 3G cellular networks
Wireless ApplicationsWireless Applications
LaptopsCellular phonesHeadphonesKeyboardsPrintersSpeakersGlobal Positioning
Systems (GPS)
LaptopsCellular phonesHeadphonesKeyboardsPrintersSpeakersGlobal Positioning
Systems (GPS)
Laser BridgesEmergency
ServicesRoboticsBiotechnologyNanotechnologyRadio Frequency
Identification (RFID) transponders
Laser BridgesEmergency
ServicesRoboticsBiotechnologyNanotechnologyRadio Frequency
Identification (RFID) transponders
The possibilities are endless!
What is RFID?What is RFID?
By means of a simple integrated circuit and an antenna, RFID tags can quickly and reliably identify nearly anything when scanned with an RFID reader.
By means of a simple integrated circuit and an antenna, RFID tags can quickly and reliably identify nearly anything when scanned with an RFID reader.
QuickTime™ and a decompressor
are needed to see this picture.
QuickTime™ and a decompressor
are needed to see this picture.
QuickTime™ and a decompressor
are needed to see this picture.
Radio Frequency Identification
Radio Frequency Identification
Three types:1. Passive does not
have a power supply.2. Active has a power
supply that powers the transmission.
3. Semi-passive has a power supply that powers the chip, but not the transmission.
Three types:1. Passive does not
have a power supply.2. Active has a power
supply that powers the transmission.
3. Semi-passive has a power supply that powers the chip, but not the transmission.
QuickTime™ and a decompressor
are needed to see this picture.
QuickTime™ and a decompressor
are needed to see this picture.
Our ResponsibilityOur Responsibility
We must understand and adequately address the inherent security risks involved with wireless networking.
We must understand and adequately address the inherent security risks involved with wireless networking.
Physical theft1. Be aware of your
surroundings.2. Secure your
devices when they are not in use.
Wireless medium
Physical theft1. Be aware of your
surroundings.2. Secure your
devices when they are not in use.
Wireless medium
Wireless Network Security.
Wireless Network Security.
Types of unauthorized access :
Types of unauthorized access :
-Accidental association
-Malicious association
-Ad-hoc networks
-Non-traditional networks
-Accidental association
-Malicious association
-Ad-hoc networks
-Non-traditional networks
Types of unauthorized access :
Types of unauthorized access :
-Identity theft (MAC spoofing)
-Man-in-the-middle attacks
- Denial of service
-Network injection
- Café Latte attack
-Identity theft (MAC spoofing)
-Man-in-the-middle attacks
- Denial of service
-Network injection
- Café Latte attack
Counteracting security risks
Counteracting security risks
All wireless LAN devices need to be secured
All users of the wireless network need to be educated in wireless network security
All wireless networks need to be actively monitored for weaknesses and breaches
All wireless LAN devices need to be secured
All users of the wireless network need to be educated in wireless network security
All wireless networks need to be actively monitored for weaknesses and breaches
There are some very good cryptographic tools that can be used to protect digital resources.
Many of these tools have proven security The problem is usually bad implementations The best cryptographic security is point-to-pointpoint-to-point
securitysecurity (such as VPN) The source & destination
―are mutually authenticated (with public key cryptography)―exchange privately a fresh secret key (with public key
cryptography)―use symmetric key encryption scheme to encrypt exchanged data
(with symmetric key cryptography
There are some very good cryptographic tools that can be used to protect digital resources.
Many of these tools have proven security The problem is usually bad implementations The best cryptographic security is point-to-pointpoint-to-point
securitysecurity (such as VPN) The source & destination
―are mutually authenticated (with public key cryptography)―exchange privately a fresh secret key (with public key
cryptography)―use symmetric key encryption scheme to encrypt exchanged data
(with symmetric key cryptography
Point-to-point security― Authentication usually involves certificates (a trusted third
party certifies the public key of the entities) and a cryptographic handshake.
― WIMAX uses the Extensible Authentication Protocol for this purpose.
― For encryption it uses block ciphers such as DES3 or AES
This offers protection at the protocol layer― There are still problems at the physical layer, such as jamming
attacks (Denial-of-Service), or flooding attacks
Security vs. functionality tradeoff―Rule of thumb: the more security the less
functionality …
Point-to-point security― Authentication usually involves certificates (a trusted third
party certifies the public key of the entities) and a cryptographic handshake.
― WIMAX uses the Extensible Authentication Protocol for this purpose.
― For encryption it uses block ciphers such as DES3 or AES
This offers protection at the protocol layer― There are still problems at the physical layer, such as jamming
attacks (Denial-of-Service), or flooding attacks
Security vs. functionality tradeoff―Rule of thumb: the more security the less
functionality …