Presented by Mr. Nileshkumar R. Jaiswar

Wireless Network Security

Introduction Wireless technologies, in the simplest sense, enable

one or more devices to communicate without physical connections

Wireless NetworksWireless Wide Area Networks (WWAN),

WLANs, and Wireless Personal Area Networks (WPAN). WWAN includes wide coverage area technologies such as 2G cellular, Cellular Digital Packet Data (CDPD), Global System for Mobile Communications (GSM). WLAN, representing wireless local area networks, includes 802.11 and several others.

Wireless Devices Personal Digital Assistants (PDA) Smart Phones Laptops

Wireless Standards IEEE 802.11 (bandwidth up to 2 Mbps) IEEE 802.11b (bandwidth up to 11 Mbps) IEEE 802.11a (bandwidth up to 54 Mbps) IEEE 802.11g (bandwidth up to 54 Mbps) IEEE 802.11n (support data rates of over 100 Mbps)

Wireless Security Threats Potential threats in wireless networks are device

theft, denial of service, malicious hackers, malicious code, theft of service, and industrial and foreign espionage.

Security requirements Authenticity Non repudiation Accountability

IEEE 802.11 Architecture

Security of 802.11 Wireless LANs

Security Features of 802.11 Wireless LANs per the Standard

1. Authentication

2. Confidentiality or privacy

Authentication

Shared-key Authentication

Privacy

Security Requirements and Threats

Passive Attack * Eavesdropping

* Traffic analysis

Active Attack * Masquerading * Replay * Message modification * Denial-of-service

1.Loss of Confidentiality

2.Loss of Integrity

3.Loss of Network Availability

4.Other Security Risks

5.Risk Mitigation

Technical

Countermeasures

Software SolutionsAccess Point Configuration

* Updating default passwords

* Establishing proper encryption settings* Controlling the reset function* Using MAC ACL functionality* Disable broadcast SSID feature

* Changing default channel.* Using DHCP.

Personal Firewalls Resources on public wireless networks have a

higher risk of attack since they generally do not have the same degree of protection as internal resources. Personal firewalls offer some protection against certain attacks. Personal firewalls are software-based solutions that reside on a client's machine

Intrusion Detection System (IDS) An intrusion detection system is an effective

tool for determining whether unauthorized users are attempting to access, have already accessed, or have compromised the network.

Encryption Generally have only two encryption

settings available: 40-bit shared key, and 104-bit setting.

Security Assessments Security assessments, or audits, are an

essential tool for checking the security posture of a WLAN and for determining corrective action to make sure it remains secure.

Hardware Solutions

Hardware countermeasures for mitigating WLAN risks include implementing smart cards, VPNs, PKI, biometrics, and other hardware solutions.

Smart Cards Smart cards may add another level of protection, although they also add another layer of complexity. Agencies can use smart cards in conjunction with username or password

Public Key Infrastructure (PKI)PKI provides the framework and services for the generation, production, distribution, control, and accounting of public key certificates. It provides applications with secure encryption and authentication of network.

BiometricsBiometric devices include fingerprint/palm-print scanners, optical scanners (including retina and iris scanners), facial recognition scanners, and voice recognition scanners. Biometrics provide an added layer of protection.

Advantages :-ConvenienceMobility ExpandabilityCost

Disadvantages:-SecurityRangeReliabilitySpeed

ConclusionIn this case study, we have reviewed wireless network security issues in trust, management, interoperation and measurement and have identified a number of open Critical issues in management of security relationships in public access networks include1.multi-provider authentication

2.protection of incentive information and lightweight key distribution schemes

3.compromised node defense through redundancy and consistency checking and more efficient public-key schemes.

Reference

http://www.bwif.org/http://ipoint-tech.com/http://en.wikipedia.org/wiki/Wi-Fihttp://www.webopedia.com/TERM/W/

Wi_Fi.html

Thank You