Research Paper On Wireless Security

FULL LISTNEWSEARCH

Wireless network security




Wireless network security
free download
Executive Summary Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. Wireless technologies cover a broad range of differing capabilities oriented toward 

Wireless network security
free download
In recent years, wireless local area network (WLAN) protocols or solutions have become much more affordable and user-friendly. As alternatives or extensions to wired networks they can provide more flexibility and mobility. However, there are serious concerns about the 

Wireless Network Security
free download
Wireless networks are common and are a part of every organization or an individual. With the increase in the use of internet, it becomes extremely important to keep communications like e-mails, ecommerce transactions and enterprise data transmissions secure. A decade 

Wireless network security
free download
ABSTRACT This article briefly describes the most important security protocols for wireless networks. It focuses on the the Bluetooth standard for Personal Area Networks (PAN) and on the IEEE 802.11 standard for Wireless LANs (WLAN). The strengths and weaknesses of 

Wireless Network Security
free download
ABSTRACT Wireless networking technology opens up a broad range of exciting possibilities for users. Application of technology can help to lower installation costs and time to deploy network infrastructure, can increase productivity and allows for a higher level of flexibility 

Wireless Network Security
free download
ABSTRACT Wireless networking is inherently insecure. From jamming to eavesdropping, from man-inthe middle to spoofing, there are a variety of attack methods that can be used against the users of wireless networks. Modern wireless data networks use a variety of 

Wireless Network Security
free download
WIRELESS NETWORK SECURITY A thesis submitted to the faculty of San Francisco State University In partial fulfillment of The requirements for The degree  CERTIFICATION OF APPROVAL I certify that I have read Wireless Network Security by Arsham Hatambeiki, and that 

Wireless network security
free download
Executive Summary Wireless communications offer organizations and users many benefits such as portability and flexibility, increased productivity, and lower installation costs. Wireless technologies cover a broad range of differing capabilities oriented toward 

On the security of wireless network access with enhancements
free download
ABSTRACT The security of the current 3G wireless protocols addresses the problems faced by the 2G systems, in addition to fulfilling the higher 3G security requirements mandated from operating in IP networks as well as voice networks. However, the approach adopted 

Wireless sensor network security analysis
free download
ABSTRACT The emergence of sensor networks as one of the dominant technology trends in the coming decades has posed numerous unique challenges to researchers. These networks are likely to be composed of hundreds, and potentially thousands of tiny sensor 

Security protocol for IEEE 802.11 wireless local area network
free download
As Wireless Local Area Networks (WLANs) are rapidly deployed to expand the field of wireless products, the provision of authentication and privacy of the information transfer will be mandatory. These functions need to take into account the inherent limitations of the 

Recommendations for wireless network security policy: an analysis and classification of current and emerging threats and solutions for different organisations
free download
ABSTRACT Since their inception, 802.11 wireless networks have been plagued by a wide range of security problems. These problems relate to both data security and denial of service attacks, and there have been many solutions created by different vendors address these 

Model checking wireless sensor network security protocols: Tinysec+ leap
free download
In this paper, a formal analysis of security protocols in the field of wireless sensor networks is presented. Two complementary protocols, TinySec and LEAP, are modelled using the high- level formal language HLPSL, and verified using the model checking tool Avispa, where 

A calculus for the analysis of wireless network security protocols
free download
We propose a timed broadcasting calculus for wireless systems. The operational semantics of our calculus is given both in terms of a Reduction Semantics and in terms of a Labelled Transition Semantics. We prove that the two semantics coincide. The labelled transition 

Role of authorization in wireless network security
free download
Wireless security work has largely focused on authentication and key exchange, and using the resulting security association for encryption and integrity protection of individual packets. Authorization has often been considered something that just happens at some step, and 

LSec: Lightweight security protocol for distributed wireless sensor network
free download
Constraint specific wireless sensor networks need energy efficient and secure communication mechanisms. In this paper we propose Lightweight Security protocol (LSec) that fulfils both requirements. LSec provides authentication and authorization of sensor 

Model checking wireless sensor network security protocols: TinySec+ LEAP+ TinyPK
free download
ABSTRACT In this paper, a formal analysis of security protocols in the field of wireless sensor networks is presented. Three complementary protocols, TinySec, LEAP and TinyPK, are modelled using the high-level formal language HLPSL, and verified using the model 

Security of wireless sensor network
free download
ABSTRACT Wireless Sensor Networks (WSN) is an emerging technology and day by day it is attracting the attention of researchers with its challenging characteristics and diversified application domain. The more researchers try to develop further cost and energy efficient 

Wireless Network Security: Vulnerabilities, Threats and Countermeasures
free download
ABSTRACT Wireless networking provides many advantages, but it also coupled with new security threats and alters the organization's overall information security risk profile. Although implementation of technological solutions is the usual respond to wireless 

Wireless Network Security for IEEE 802.11 a/b/g and Bluetooth (DRAFT)
free download
The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347.

A Comparison of Security Protocols in a Wireless Network Environment
free download
ABSTRACT The advent of wireless networks has greatly increased the possibilities for mobile computing offered to the general public. Miniaturization has aided this trend towards increased user mobility with the development of notebook computers and Personal Digital 

Agent-Oriented Novel Quantum Key Distribution Protocol for the Security in Wireless Network
free download
Wireless security is becoming increasingly important as wireless applications and systems are widely adopted. Numerous organizations have already installed or are busy in installing wireless local area networks(WLANs). These networks, based on the IEEE 802.11 

Towards a realistic testbed for wireless network reliability and security performance studies
free download
This paper will describe our research on the creation of a wireless ad-hoc network testbed where ad hoc network applications can be tested in real radio environments. The testbed will be easy to use and modular enough to allow users to quickly adapt the testbed to their 

Analysis of Security Protocols in Wireless Sensor Network
free download
Wireless Sensor Networks (WSNs) consists of low power, low-cost smart devices which have limited computing resources. With a widespread growth of the 

A guide to wireless network security
free download
WAPs contain built-in security measures that afford minimal protection. These common measures include:• Wired Equivalent Privacy (WEP) encryption-WEP is the encryption standard for wireless transmissions and requires the WAP and the wireless NICs to be 

Explorative Learning of Wireless Network Security with Tele-Lab IT-Security
free download
Recently, IT-Security education and awareness creation have become important issues– especially for companies. Enterprises noticed that employees are often unknowingly responsible for security incidents. Due to the significant costs that may arise from such 

Mobile and Wireless Network Security
free download
Content protection o Uses Wired Equivalent Privacy (WEP) with secret key o Data is encrypted using IV and Default key or Key-mapping key o Initialization Vector (IV): 24-bit random val. chosen by transmitter o Default key: 40-or 104-bit key shared between AP 

Wireless Network Security Still Has no Clothes
free download
ABSTRACT As the popularity of wireless networks increases, so does the need to protect them. Encryption algorithms play a main role in information security systems. On the other side, those algorithms consume a significant amount of computing resources such as CPU time, 

A semantic analysis of wireless network security protocols
free download
Gorrieri and Martinelli's tGNDC is a general framework for the formal verification of security protocols in a concurrent scenario. We generalise their tGNDC schema to verify wireless network security protocols. Our generalisation relies on a simple timed broadcasting 

Security For Wireless Sensor Network
free download
ABSTRACT Wireless sensor network is highly vulnerable to attacks because it consists of various resource-constrained devices with their low battery power, less memory, and associated low energy. Sensor nodes communicate among themselves via wireless links. 

On a Low Security Overhead Mechanism for Secure Multi-path Routing Protocol in Wireless MeshNetwork
free download
Secure multi-path routing is a critical issue in security management of WMNs due to its multi- hop nature as each node takes part in routing mechanism making it prone to routing attacks. Security management mechanisms are armed with features such as asymmetric 

Security against sybil attack in wireless sensor network through location verification
free download
A new functional for planar triangulation called Inner Core has been proposed in [4] for a location verification based defense against Sybil attack for sensor network, and also has been shown that the legitimacy of a new node inside the Inner Core of a triangle obtained 

Wireless Security and Monitoring for the Home Network
free download
ABSTRACT Marketing trends estimate that by the end of 2006, 21 million homes will have implemented a Local Area Network (LAN), and of those 21 million homes 65% will use wireless solutions.[1] The rapidly decreasing cost for wireless devices and the proliferation 

A Survey on Network Security and Attack Defense Mechanism For Wireless Sensor Networks
free download
SK Singh, MP Singh, DK Singh , of Computer Trends and Technology-May ABSTRACT The severe constraints and demanding deployment environments of wireless sensor networks make security for these systems more challenging than for conventional networks. However, several properties of sensor networks may help address the 

Network Security in Wireless Sensor Networks using Triple Umpiring System
free download
ABSTRACT Wireless Sensor Networks (WSN) is becoming a viable tool for many applications. In many cases these applications may be of critical nature, where the transmitting of vital information from sensors to base station or sink is crucial, and data loss cannot be 

Wireless Sensor Network Based Smart Community Security Service
free download
ABSTRACT This paper will present the first attempt to apply WSN on community security area. By III ZigBee Positioning System (IZPS), we have implemented a Smart Community Security System (SCSS) for a community. SCSS provides three main community security services, 

A distributed wireless sensor network system for transportation safety and security
free download
ABSTRACT Given the anticipated increases in highway traffic, the scale and complexity of the traffic infrastructure will continue to grow progressively in time and in distributed geographical areas. To assure transportation efficiency, safety, and security in the 

Security in wireless sensor network: a survey
free download
ABSTRACT Wireless Sensor Network is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being 

An enhanced security architecture for wireless sensor network
free download
ABSTRACT This paper introduces an enhanced secure sensor network architecture that provides the basic properties of data secrecy, authentication, and replay protection, with Low energy consumption overhead and relatively high security level. A novel Pairwise Key 

Research on Encryption Algorithm of Data Security for Wireless Sensor Network
free download
ABSTRACT In the WSN security mechanisms, authentication and encryption is the most important module. However, sensor nodes with limited computing resources and storage resources, making the deployment of security mechanisms in the nodes need to consider 

Wireless data network security for hospitals: various solutions to meet hipaa requirements'
free download
ABSTRACT The use of wireless data networks in hospital environments offers effective and efficient communication but also poses many security considerations directly related to protecting Patient Health Information (PHI). In this paper we will look at the Physical and 

WIRELESS NETWORK TECHNOLOGIES IN TRANSPORT AREA: SECURITY AND E-LEARNING APPLICATIONS
free download
ABSTRACT A wireless LAN is a method of linking computers together without using cables, but using radio signals or infrared light instead. This paper discusses the issues involved in determining whether a wireless LAN is appropriate for any institution (or part of an 

Application of rssi on indoor security wireless network
free download
ABSTRACT A smart security system in indoor environment using the Received Signal Strength Index (RSSI) is proposed in this paper. RSSI shows irregular wave pattern with low variance in common closed field. If dramatic RSSI signals happen in a closed environment 

Improved Feistel-based ciphers for wireless sensor network security
free download
ABSTRACT Wireless sensor networks (WSNs) are exposed to a variety of attacks. The quality and complexity of attacks are rising day by day. The proposed work aims at showing how the complexity of modern attacks is growing accordingly, leading to a similar rise in methods 

Substantiating Security Threats Using Different Views of Wireless Network Traces
free download
ABSTRACT Huge amounts of network traces can be collected from today's busy computer networks for various analysis. These traces could be used to detect intruders and other unusual events. Real time detection of outliers from large data sets can lead to effective 

Trusted Querying over Wireless Sensor Networks and Network Security Visualization
free download


An Effective Approach for Providing Anonymity in Wireless sensor Network: Detecting Attacks and Security Measures
free download
P Sharma, P Bhadana ,International Journal on Computer , 1830 ABSTRACT A wireless sensor network (WSN) consists of a large number of inexpensive and small nodes with sensing, data processing, and communication capabilities, which are densely deployed in a region of interest and collaborate to accomplish a common task. 

A System of Umpires for Security of Wireless Mobile Ad Hoc Network
free download
A Kathirvel, R Srinivasan ,International Arab Journal of e Technology ABSTRACT A mobile ad hoc network (MANET) is a self-created self-organized and self- administering set of nodes connected via wireless links without the aid of any fixed infrastructure or centralized administrator. Protecting the network layer from malicious 

Energy conserving security mechanism for wireless sensor network
free download
This paper describes Wireless Sensor Network (WSN) security to conserve wasteful energy. Sensor networks are emerging fast and will be the next wave towards new network appliances. Security must be justified and ensured before the large scale deployment of 

A new approach for evolution of end to end security in wireless sensor network
free download
ABSTRACT A wireless sensor network (WSN) is a network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor physical or environmental conditions such as temperature, sound, vibration, pressure, motion or pollutants, at 

Security approaches for cluster interconnection in a wireless sensor network
free download
ABSTRACT A wireless sensor network is a collection of devices limited in lowpowered batteries, processing, communication bandwidth capabilities and low memory availability. Due to these constraints, most of security approaches used in wired networks cannot be 

Compression and security platform for the testing of wireless sensor network nodes
free download
ABSTRACT This thesis considers the in-field testing of wireless sensor network (WSN) nodes as a means of providing increased network uptime. Such nodes operate with strict limits on energy, cost, computing power, and are prone to attack. While testing through 

WIRELESS NETWORK SECURITY THREATS
free download
U Sehgal, D Kumar This paper presents the process for overcoming the downtrend challenges in the field of networks and security. Wireless networks do not have the inbuilt physical security of wired networks so are more prone to attacks from intruders. Numerous tools, to complicate 

Multi-dimensional Analyses of 802.11 Wireless Network Security Protocols
free download
ABSTRACT Wireless networks have become so ubiquitous that researchers all over the world have come up with various security protocols to ensure confidentiality and integrity of data as well as availability of resources. IEEE 802.11 task group drafted a new wireless 

Wireless Network Security for Future Internet
free download
Y Okabe ,asiafi.net Page 1. Wireless Network Security for Future Internet Yasuo Okabe Academic Center for Computing and Media Studies Kyoto University Page 2. Overview 1. What is Network Security? 2. W-LAN Security Technologies 3. Security Issues on Public Wireless 

Potential Security Vulnerabilities of a Wireless Network Implementation in a Military Healthcare Environment
free download
J Meyer ABSTRACT This paper will look into the regulations governing data security on a military network as well as a military healthcare network. After the standards of data security are defined, it will take a look at some of the devices that comprise a wireless healthcare 

Chapter 3: Wireless Network Configuration and Security Strategies
free download
One of the basic steps in setting up a WLAN involves installation and configuration of one or more access points. The procedures for configuring an access point vary from one equipment manufacturer to another. Most access point units have an administrative interface that can 

Wireless Local Area Network (WLAN) Security solution for Corporate and E-Government businesses
free download
MM Satti, BJ Garner ,faculty.kfupm.edu.sa ABSTRACT Confidence in the use of the Wireless Local Area Network (WLAN) for internal, external or corporate business communications relies on effective security, and intruder detection processes. Regrettably, the triumph of the WLAN's design for corporate and 

Wireless Network Security: A Never-Ending Struggle
free download
ABSTRACT In this paper we will survey popular forms of wireless data protection through an analysis of different forms of wireless network protocols and wireless security protocols. We will examine the advantages and disadvantages of both past and future implementations 

Challenges and Issue in Wireless Security Network
free download
A Misra, K Anuradha, R Kumar ,ST. ANNE MARY EDUCATION SOCIETY ,annemary.org ABSTRACT Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it 

Survey: Security Measures and Associated Drawbacks of Wireless Body Area Network(WBAN)
free download
IA AL-Rassan, N Khan ,cerc.wvu.edu ABSTRACT Body sensor network is a critical life-saving infrastructure, which could maintain complete privacy of an individual. Body Area Network (BAN) are widely used in health care, military, sports and first responders. Recently, BAN security and its energy consumption 

A Survey of Wireless Sensor Network Security
free download
The area of wireless sensor networks is a growing field that has many applications that are being used today and others that are sure to be discovered. Currently wireless sensor networks are being utilized for applications such as habitat monitoring, and military 

Analysis of Wireless Network Security Protocols
free download
SR Rathi, VB Vora ,teal.gmu.edu ABSTRACT Wireless networks have become extremely widespread. However, providing security for these networks has proven to be a challenge due to the problems inherent with the way information is transmitted. The need for secured wireless communication has 

Enterprise Mobile Security using Wireless Sensor Network: Extending
free download
ABSTRACT Use of wireless sensor technology has increased rapidly in recent years, with many varied applications. In the same timeframe the ubiquitous cell phone has evolved from a simple voice communication device; smart phone technology has enabled consumers to 

Security Enhanced Dynamic Routing Algorithm for Wireless Sensor Network
free download
MN Bansod ABSTRACT In this project we deal fully about the security which has become one of the major issues for data communication for wired and wireless networks. Different from the past work on the designs of cryptography and system infrastructure, a dynamic routing algorithm is 

Security through Elliptic Curves for Wireless Network in Mobile Devices
free download
ABSTRACT The basic principle is A function is easy to evaluate but its invert is infeasible unless a secret key is known. It is mathematically proved that security of cryptographic does not imply its implementation security of system against Side-channel Attacks. The security of system 

Wireless Network Security: Design Considerations for an Enterprise Network
free download
Engineers (IEEE) 802.11 Wireless Local Area Network (WLAN) has become the de-facto standard for wireless networking, providing convenient and low cost connectivity. Increasingly, enterprises are extending their networks with 802.11-based WLANs to 

On Security in TCP/IP over Wireless Network
free download
ABSTRACT The Transmission Control Protocol/Internet Protocol (TCP/IP) is combination of different protocols at various layers. TCP/IP is the basic communication language or protocol of the Internet and private networks either an intranet or an extranet. TCP interfaces 

Security to Wireless Sensor Networks with Network Capacity and Network Lifetime Requirement
free download
IG Devi ABSTRACT this paper is based on the performance in duality of network capacity and network lifetime in wireless sensor networks. The paper works on SLP-PA approach. Where, each node to be utilized in an efficient manner to forward the packets among the nodes to the 

SPSF: Server Predominant Security Framework for Wireless Sensor Network in Mission-Critical Applications
free download
L Qiang, C Yimin, K Xiaohui, L Li, S Xiaoxia ABSTRACT We focus on the security of Wireless Sensor Network (WSN) in mission-critical applications, which imply that the WSN may be deployed in untrusted or hostile circumstances, and once its security is compromised, the result is disastrous. So, the 

Remote Home Security System Based on Wireless Sensor Network Using NS2
free download
ABSTRACT Nowadays, Wireless Monitoring for home security is among the cutting-edge research area in the field of wireless sensor networks. To implement real-time surveillance of the home security, the intelligent remote monitoring system was developed for home 

Schemes for Improving Wireless Physical Layer Security in the Cooperative Relay Network
free download
ABSTRACT Wireless cooperative relay networks are prone to many different types of attacks hindering the legitimate communication. Eavesdropping is an unauthorized interception of message signals and is a passive attack. Malicious relay, on the other hand, is an active 

A Security Architecture for Implementing Anonymity and Traceability In Wireless MeshNetwork using Clustering Concept
free download
M Jayanthi, MA Mukunthan ABSTRACT Wireless Mesh Network is a promising technology and is expected to be widespread due to its low investment feature and the wireless broadband services it supports, attractive to both service providers and users. However, security issues inherent 

Approaches to Wireless Sensor Network: Security Protocols
free download
H Singh, G Malik ,World ABSTRACT The advancement of electronics and wireless communication technologies have enabled the development of large scale wireless sensor network that consist of many low- power, low-cost and small size sensor nodes. With the help of sensor network we facilitate 

Security Surveillance Architecture: The Wireless Mesh Network Approach
free download
ABSTRACT The state of security in the country had been created a lot of panic in many areas to the extent that individuals now send a lot to protect their lives and properties. This state had not justified to a large extent the huge amount the government had spent, presently 

Vulnerability of Wireless Network Security due to Parallelized Brute Force Attacks
free download
ABSTRACT Wireless networks are becoming one of the most prominent methods for businesses and consumers to share digital information. While wireless networks are convenient, they also create a potential vulnerability for companies who choose to deploy 

A Survey on Security Attacks in Wireless Sensor Network
free download
KR Sunitha, HG Chandrakanth ABSTRACT A wireless sensor network (WSN) has important applications such as remote environmental monitoring and target tracking. This has been enabled by the availability, particularly inrecent years, of sensors that are smaller, cheaper, and intelligent. These 

An implementation of wireless sensor network for security system using Bluetooth
free download
JW Kim, BK Kim, DS Eom ,final.korea.ac.kr ABSTRACT We describe a Bluetooth wireless sensor network for security systems, which includes the implementation issues about system architecture, power management, self- configuration of network, and routing. We think that the methods or algorithms described in 

Enhancing Surveillance and Security of Oil Pipelines Transportation Using Wireless SensorNetwork
free download
ABSTRACT Surveillance and safety is immensely important in general, while explicitly in case of critical applications, such as oil carrying pipelines from wells to refinery and then to the sea ports for further transportation. Surveillance and safety systems with different 

A Dynamic Cryptographic Algorithm To Provide Network Level Security In Wireless SensorNetwork
free download
C TT II, C EE ABSTRACT Wireless sensor networks (WSNs) continue to evolves one of the most exciting and challenging research areas. There are many applications of wireless sensor networks that collect and disseminate sensitive and important information. For successful operation 

Security Attacks in Wireless Sensor Network
free download
P Bansal, B Yadav, S Gill, H Verma ABSTRACT Wireless Sensor Networks (WSNs) use small nodes with constrained capabilities to sense, collect, and disseminate information in many types of applications. One of the major challenges wireless sensor networks face today is security Wireless Sensor 

A Study on Security Management Service System for Wireless Network Environment
free download
ABSTRACT Cyber attacks against public communications networks are getting more complicated and varied. Sometimes, one country could make systematic attacks at a national level against another country to steal its confidential information and intellectual 

Security Enhancement of First Mile Wireless Access with Optimal QoS through Anonymity in Convergence Network
free download
ABSTRACT The first mile wireless access of convergence networks is prone to various attacks due to the broadcasting feature of transmission. Most of the existing security measures focus on protection of message contents, leaving the header part in plain text. Therefore, the 

A Security Analysis of UBC Wireless Network
free download
ABSTRACT The security policies of the UBC wireless network are concerned with origin integrity, ie authentication, and availability. To enforce origin integrity, users of the UBC wireless network are required to login via one of the three types of authentication 

An Energy Aware Key Establishment Framework for Wireless Sensor Network Security
free download
ABSTRACT Wireless sensor networks are networks consisting of nodes with sensors to monitor physical or environmental conditions. Resource constraint nature of wireless sensor network (WSN) turns the security issue certainly into a big challenge. Security is critical for sensor 

INVESTIGATING SECURITY MECHANISMS IN WIRELESS SENSOR NETWORK
free download
ABSTRACT Wireless sensor nodes are gaining huge popularity in many domains. This data acquisition system has tremendous significance in defense, traffic management and many more areas. Ensuring the security of both the collected data and the process of data 

SECURITY ISSUES IN WIRELESS SENSOR NETWORK
free download
M Gupta, CR Gupta Wireless sensor and actor networks (WSANs) refer to a group of sensors and actors linked by wireless medium to perform distributed sensing and actuation tasks. Nowadays it is rapidly growing in popularity and becoming a part of our use. It is giving the vision of anywhere and 

Practical Wireless Network Security
free download
D Williams ,derekwilliams.us ABSTRACT Security measures are available to protect data communication over wireless networks in general, and IEEE 802.11 (Wi-Fi) in particular. Unfortunately, these measures are not widely used, and many of them are easily circumvented. While Wi-Fi security risks 

Wireless Application Protocol for Potential Threats to Mobile Agent Network Security
free download
ABSTRACT The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are possibly infected with virus and worms. Though 

Reliable Security Wireless Sensor Network Using SCTP
free download
Summary Any network is said to be an intelligent one, only when the nodes of the network can have the ability to contact the other nodes without wire and being away from difficulty by means of congestion, late response and late acknowledgement. So here we propose to 

Wireless Local Area Network Security Protocols: Compliance with the IEEE 802.11 i Standard
free download
As Government regulations become more stringent, corporate responsibility to ensure data privacy increases. This study analyzes selected literature published between 1997 and 2005 to provide an analysis of wireless local area network security protocols based on 

Performance Evaluation of Wireless Local Area Network Security 802.11 b
free download
FIKUB Darma ,iatt.kemenperin.go.id Banyak perusahaan, organisasi dan bahkan individu yang mengimplementasikan Wireless Local Area Network (WLANs) dalam berbagai macam lokasi seperti di kantor-kantor, Bandar udara, ruang pertemuan, hotel, dan bahkan di caf-caf. Kelebihan dari teknologi tersebut 

AN ANALYSIS OF WIRELESS NETWORK SECURITY IN THE CITY OF ZAGREB AND THE ZAGREB AND KARLOVAC COUNTIES
free download
ABSTRACT Wireless LAN has become widely used in recent years, in business as well as household, educational and other settings. Since the onset of wireless communication its popularity has been on the rise. Users opt for it primarily because of its ease of use, ie the 

Wireless Network Security for Corporates
free download
ABSTRACT In recent years, the hottest high tech trend which has received a lot of publicity and hype is the term Wireless LAN (WLAN). There are more and more organizations of all sizes implementing and using wireless networks or Wi-Fi (Wireless Fidelity) networks. Not only 

LOCATION DISCOVERY WITH SECURITY IN WIRELESS SENSOR NETWORK
free download
ABSTRACT Localization is one of the supporting technologies in wireless sensor networks. To identify the exact location of each and every sensor may not be feasible. In most of the sensor network application gathered by sensor will be meaningless without the location of 

A SECURITY ARCHITECTURE FOR REAL-WORLD APPLICATIONS OF WIRELESS SENSORNETWORK
free download
ABSTRACT With the recent capability of being applicable in enormous fields, the Wireless Sensor Networks (WSN) have drawn attention of researchers and industries in diverse areas. Being deployed in areas that are hostile, WSN pose lots of difficulties and 

An Empirical Study on Wireless Network Security for Retailers
free download
ABSTRACT Retail merchants have been incorporating wireless solutions into their networks to increase efficiency and enhance the customer experience. In doing so, some merchants are potentially opening up their doors to unlawful access by hackers who intend to do harm. 

Network Coding based Information Security in Multi-hop Wireless Networks
free download
ABSTRACT Multi-hop Wireless Networks (MWNs) represent a class of networks where messages are forwarded through multiple hops of wireless transmission. Applications of this newly emerging communication paradigm include asset monitoring wireless sensor 

Wireless Local Area Network (LAN) Security Guideline
free download


Security and performance trade-off in KILAVI wireless sensor network
free download
ABSTRACT Wireless sensor networks are typically used in different control and monitoring applications. In these applications resource-constrained sensor nodes gather information from the environment and possibly execute control commands based on the content of 

Technologies to Overcome from Intimidation of Wireless Network Security
free download
ABSTRACT Inbuilt physical security in wireless networks is not obtainable and unfortunately these are more prone to attacks from intruders. Resources are easily accessible, once an unauthorized access is gained. Paper elucidates numerous attacks which an intruder 

Wireless Sensor Network: Security Out-of-the-Box for Agriculture
free download
ABSTRACT Agriculture accounts for a large scale of developing country but managing information on the field is lacked of skilled resources, budget and effective information system. The information system should be easy to access and maintain. As a result, 

Security against Selective Forward Attack in Wireless Sensor Network
free download
ABSTRACT Wireless sensor networks (WSNs) are being increasingly deployed for various applications such as object tracking and monitoring, precision agriculture, controlling nuclear reactors, detecting seismic activities, security and surveillance, navigational 


FREE ENGINEERING RESEARCH PAPERS

Security in Wireless Data Networks: A Survey Paper

Abdel-Karim R. Al Tamimi

abdelkarim.tamimi@gmail.com

Abstract

Both security and wireless communication will remain an interesting subject for years to come. They represent the need of ease of use and flexibility of communications in the computer world without jeopardizing the communicated content. This paper illustrates the key concepts of security, wireless networks, and security over wireless networks. Wireless security is demonstrated by explaining the main specifications of the common security standards like 802.11 WEP, 802.11 WPA and WPA2 (802.11i). Moreover, it explains the concept of WMAN (Wireless Metropolitan Access Network) and its security specifications. Finally, it sums up with thoughts and suggestions about wireless security, along with  a chosen example of the current proposals in wireless security.



See Also: In-Building Wireless LANs , Recent Advances in Wireless Data Networking , IP Security : A Brief Survey


Table of Contents:

Back to Table of Contents


1. Introduction

Security in computer world determines the ability of the system to manage, protect and distribute sensitive information. Data Security was found many years before the advent of wireless communication due to the mankind's need to send information (in war or in peace time) without exposing its content to others. The first and most known machine (Enigma) was used in WWII by the German military to encrypt their messages. The machine was something similar to a simple typing machine with a scrambler unit to obfuscate the content of the messages [Enigma][NIST98].

From that time till now, many solutions to security threats have been introduced, and most of them were abandoned or replaced by better security standards. These ongoing changes promoted the security field to be a permanent hot topic.

In the wireless world security threats were not known to public people till prices of wireless equipment went down around 2000. Before that date, the military was the number one client for wireless security products especially during the cold war.[Edney2003][Hardjono2005]

This paper aims to give a better understanding of security measures and protocols available in the market, along with a brief analysis of each security scheme's weaknesses and points of strength. This paper starts with an introduction to security and wireless worlds to give the right background for understanding the evolution of security standards. Section 3 gives a brief description about security standards in wireless LANs. Section 4 describes WMAN 802.16 protocol and the current security schemes used with it. Thoughts on wireless security section (section 5) explores some of the practical suggestions to increase the level of network security. Since security in wireless networks is still a working progress, section 6 discusses one of the recent proposals to enhance current security standards, a protocol called PANA (Protocol for carrying Authentication for Network Access). Finally, section 7 concludes this paper.

Back to Table of Contents


2. Security and Wireless Overview

An overview of security and wireless communications is presented in this section. Although this introduction will not cover all the aspects of both worlds, it will give a descent amount of information that allows the reader to go through the paper without the necessity of referring to other books or papers. Section 2.1 gives a crash course in security for both wired and wireless worlds. Section 2.2 describes the current wireless systems and infrastructures. Finally, a list of the common security threats and attacks are discussed in section 2.3.

2.1 Introduction to Security

This section outlines some of the basic conceptions in the security world. It starts by defining the goals behind implementing security in the computer world (Section 2.1.1). Then it discuss encryption and decryption concept (Section 2.1.2), the implementation of both block and stream ciphers (Section 2.1.3), and finally a brief description of the most common encryption standards.

2.1.1 Security Goals

Every security system must provide a bundle of security functions that can assure the secrecy of the system. These functions are usually referred to as the goals of the security system. These goals can be listed under the following five main categories[Earle2005][Imai2006]:

Authentication: This means that before sending and receiving data using the system, the receiver and sender identity should be verified.

Secrecy or Confidentiality: Usually this function (feature) is how most people identify a secure system. It means that only the authenticated people are able to interpret the message (date) content and no one else.

Integrity: Integrity means that the content of the communicated data is assured to be free from any type of modification between the end points (sender and receiver). The basic form of integrity is packet check sum in IPv4 packets.

Non-Repudiation: This function implies that neither the sender nor the receiver can falsely deny that they have sent a certain message.

Service Reliability and Availability: Since secure systems usually get attacked by intruders, which may affect their availability and type of service to their users. Such systems should provide a way to grant their users the quality of service they expect.

2.1.2 Data Encryption: Symmetric and Asymmetric Encryption

To send data securely between two nodes, the system must encrypt the data or "systematically scramble information so that it cannot be read without knowing the coding key" [Sabc]. This operation determines to a certain level the strength of the security system, the harder it is to break the encrypted message the more secure the system is to be. Figure 1 shows the common use of encryption/decryption techniques, where unsecured messages (plain text) are encrypted using a special encryption technique, sent over the network, then decrypted at the destination to viewed back as unencrypted messages.


Fig.1 Data Encryption and Decryption

Data encryption procedures are mainly categorized into two categories depending on the type of security keys used to encrypt/decrypt the secured data. These two categories are: Asymmetric and Symmetric encryption techniques.

Symmetric Encryption

In this type of encryption, the sender and the receiver agree on a secret (shared) key. Then they use this secret key to encrypt and decrypt their sent messages. Fig. 2 shows the process of symmetric cryptography. Node A and B first on the encryption technique to be used in encryption and decryption of communicated data. Then they agree on the secret key that both of them will use in this connection. After the encryption setup finishes, node A starts sending its data encrypted with the shared key, on the other side node B uses the same key to decrypt the encrypted messages.


Fig.2 Symmetric Encryption

The main concern behind symmetric encryption is how to share the secret key securely between the two peers. If the key gets known for any reason, the whole system collapses. The key management for this type of encryption is a troublesome, especially if a unique secret key is used for each peer-to-peer connection, then the total number of secret keys to be saved and managed for n-nodes will be n(n-1)/2 [ Edney2003] .

Asymmetric Encryption

Asymmetric encryption is the other type of encryption where two keys are used. To explain more, what Key1 can encrypt only Key2 can decrypt, and vice versa. It is also known as Public Key Cryptography (PKC), because users tend to use two keys: public key, which is know to the public, and private key which is known only to the user. Figure 3 below illustrates the use of the two keys between node A and node B. After agreeing on the type of encryption to be used in the connection, node B sends its public key to node A. Node A uses the received public key to encrypt its messages. Then when the encrypted messages arrive, node B uses its private key to decrypt them.


Fig.3 Asymmetric Encryption

This capability surmounts the symmetric encryption problem of managing secret keys. But on the other hand, this unique feature of public key encryption makes it mathematically more prone to attacks. Moreover, asymmetric encryption techniques are almost 1000 times slower than symmetric techniques, because they require more computational processing power[Edney2003][ Hardjono2005] .

To get the benefits of both methods, a hybrid technique is usually used. In this technique, asymmetric encryption is used to exchange the secret key, symmetric encryption is then used to transfer data between sender and receiver.

2.1.3 Block and Stream Ciphers

Another categorization method for encryption techniques is commonly used based on the form of the input data they operate on. The two types are Block Cipher and Stream Cipher. This section discusses the main features in the two types, operation mode, and compares between them in terms of security and performance.  

Block Cipher

In this method data is encrypted and decrypted if from of blocks. In its simplest mode, you divide the plain text into blocks which are then fed into the cipher system to produce blocks of cipher text.

There are many variances of block cipher, where different techniques are used to strengthen the security of the system. The most common methods are: ECB (Electronic Codebook Mode), CBC (Chain Block Chaining Mode), and OFB (Output Feedback Mode). ECB is the basic form of clock cipher where data blocks are encrypted directly to generate its correspondent ciphered blocks (shown in Fig. 4). CBC mode uses the cipher block from the previous step of encryption in the current one, which forms a chain-like encryption process. OFB operates on plain text in away similar to stream cipher that will be described below, where the encryption key used in every step depends on the encryption key from the previous step[Chandra2005][Edney2003] .


Fig.4 Block Cipher : ECB MODE

Stream Cipher

Stream cipher functions on a stream of data by operating on it bit by bit. Stream cipher consists of two major components: a key stream generator, and a mixing function. Mixing function is usually just an XOR function, while key stream generator is the main unit in stream cipher encryption technique. For example, if the key stream generator produces a series of zeros, the outputted ciphered stream will be identical to the original plain text.

To start the series of Key Stream, an Initialization Vector (IV) is sent to set the initial value. A common IV between the sender and the receiver is usually imposed to keep both of them synchronized. The IV can be auto-generated or incremented on each packet, which depends on the capabilities of the system.

The stream cipher technique can be categorized into two modes: Synchronous Stream Cipher, and Self-Synchronizing Stream Cipher. In Synchronous Stream Cipher the Key Stream Generator depends only on the base key used for encryption. Fig.5 Show how Sync. Stream Mode (the "simple" mode) operates on the both sender and receiver sides. The sender uses only the base (shared) key to encrypt the outgoing stream, on the other side the receiver decrypts the stream using the same key. The main disadvantage of this method is that if the base key gets known the whole system is compromised.


Fig.5 Stream Cipher : Simple Mode

The other mode is called Self-Synchronizing Stream Cipher. In this mode, the state of Key Stream Generator (the Key Used for that instant of time) depends on the previous states of cipher text bits. The previous states number is fixed and defined by the algorithm. Self-Synchronizing method is more secure than the previous mode, but it is slower. Fig 6 below shows the process undertaken by self-synch stream cipher to encrypt/decrypt data.


Fig.6 Stream Cipher : Self-Synch. Mode

Stream cipher has a well known advantage over block cipher because of its speed and simplicity of analysis. But in the same time it is a known fact that stream cipher is less secure than block cipher. That's why most of the recommendation of today's standards recommends using block cipher techniques over stream cipher ones [ Chandra2005] .

2.1.4 Data Encryption Standards: DES, AES and RC4

After taking a quick look at the major classification of data ciphers (both stream and block ciphers). In this section we will describe briefly some of the well known and used encryption standards. Moreover we will mention the key features and disadvantages of each standard .

DES

DES (Data Encryption Standard), was the first encryption standard to be recommended by NIST (National Institute of Standards and Technology). It is based on the IBM proposed algorithm called Lucifer. DES became a standard in 1974 [TropSoft] . Since that time, many attacks and methods recorded that exploit the weaknesses of DEC, which made it an insecure block cipher. As an enhancement of DEC, the3DEC (Triple DES) encryption standard was proposed. In this standard the encryption method is similar to the one in original DES but applied 3 times to increase the encryption level. But it is a known fact that 3DES is slower than other block cipher methods.

AES

AES (Advanced Encryption Standard), is the new encryption standard recommended by NIST to replace DES. Rijndael (pronounced Rain Doll) algorithm was selected in 1997 after a competition to select the best encryption standard. Brute force attack is the only effective attack known against it, in which the attacker tries to test all the characters combinations to unlock the encryption. Both AES and DES are block ciphers.

RC4

RC4 or ARC-Four is the most widely used stream cipher. It is used with SSL (Secure socket Layer), which is used to secure identification information and money transfers over the Internet. Moreover, it is used in WEP (Wired Equivalent Privacy) which is responsible for securing wireless data. RC4 showed that is secure enough for certain systems, but it was found out that it does not offer that level of security to wireless communications, making it fall short for many security standards [Chandra2005] .

2.2 Introduction to The Wireless World

Wireless data networks have spread between home users and companies in an increasing fashion. The main reason behind this fast adaptation is due to the nature of wireless networks where it provides the flexibility and freedom that wired networks lack. The increasing of bandwidth capabilities has inspired people to think seriously about replacing wired networks with wireless networks especially in places where it is hard or expensive to have wired networks. One of the main places that can benefit from these ideas are rural areas, where wired networks infrastructure is either difficult or impossible to create due to physical obstacles.

The main standards in the wireless world are: 802.11, which describes the Wireless LAN architecture, and 802.16 which describes the Wireless MAN architecture. These two wireless networks are usually known by two acronyms: WiFi (Wireless Fidelity) to be a symbol of WLAN, and WiMAX (Worldwide Interoperability for Microwave Access) to describe WMAN.

2.2.1 Wireless LAN (WLAN)


Fig.7 Wireless LAN

Wireless LAN is simply trying to imitate the structure of the wired LANs, using another medium to transfer data rather than cables. This medium is electromagnetic waves which are mainly either radio frequency (RF) or infrared frequency (IR).

Wireless LANs consist mainly of two entities: clients or end-user devices and Access Points (AP). Clients' are equipped with devices that allow the user to use the RF medium to communicate with other wireless devices. AP functions like a regular switch or router in wired network for the wireless devices. Moreover, it represents a gateway between the wireless devices and a wired network.

The basic structure of a Wireless LAN is called BSS (Basic Service Set) shown in Fig. 8, in which the network consists of an AP and several wireless devices. When these devices try to communicate among themselves they propagate their data through the AP device. In order to form the network, AP keeps broadcasting its SSID (Service Set Identifier) to allow others to join the network.


Fig.8 WLAN : BSS Structure

If the BSS did not have an AP device, and the wireless devices were communicating with each other directly, this BSS is called an Independent BSS and works in mode called "ad hoc mode" (shown in Fig.9). Group of BSSs (either BSS or IBSS) can be combined to form an ESS (Extended Service Set). This set is created by chaining this group of BSSs to a single backbone system.


Fig.9 WLAN : IBSS Structure

2.2.2 Wireless MAN (WMAN)

The idea behind using WMAN is to offer a broadband Internet service using wireless infrastructure. The idea is very similar to a TV broadcast network (shown in Fig.10). The theoretical speed of WMAN is 75Mbps extended to several miles, which offer a replacement to cable and DSL connections in the future[Hardjono2005] .


Fig.10 Wireless MAN

WMAN is also called BWA (Broadband Wireless Access) as a formal title along with the industry icon acronym WiMAX. The main target of implementing WiMAX technology is to provide a convenient solution to the "last mile access", where the fast data backbone traffic is to be distributed among consumers. This also helps expand the Internet covered areas especially in rural areas.

2.3 Security Attacks

As mentioned before, the main difference between wired and wireless networks is the medium it transfers its data through. This difference made the burden of securing the network heavier. The broadcast nature of wireless networks makes it easy for everyone to attack the network if not secured, due to the absence of physical barriers, where the range of wireless transmission ranges from 300 ft to half a mile [Arbaugh2003] .

The exponential growth of wireless networks add another obstacle on enhancing the network security. People tend to keep things the way they are instead of doing what is right. Also such enhancement of security is expensive in terms of time, money and effort that many users do not have or wish not to spend.

Below is a list of the most common attack types known in both wired and wireless networks. Most of the security attacks and threats are listed under the following categories:

Traffic Analysis

In this type of attacks the attacker uses the statistics of network connectivity and activity to find information about the attacked network. Information includes: AP location, AP SSID and the type of protocol used by the analysis of size and types of packets[Welch2003] .

Passive Eavesdropping

Attackers in this type set themselves in sniffing mode, where they listen to all the network traffic hoping to extract information from it. This type of attack is only useful with unencrypted networks and stream cipher encrypted ones.

Active Eavesdropping

Similar to passive eavesdropping but the attacker tries to change the data on the packet, or to inject a complete packet in the stream of data.

Unauthorized Access

This type of attack is also known by many other names, such as war driving, war walking, and war flying[Earle2005] . This is the most common attack type where the attacker tries to get access to a network that she is not authorized to access. Mainly the reason behind such attacks is just to get Internet access for free[Potter2003] .

Man-in-the-middle Attacks

In this attack, the attacker gets the packets before the intended receiver does. This allows her to change the content of the message. One of the most known subset of this attack is called ARP (Address Resolution Protocol) attacks, where the attacker redirects network traffic to pass through her device[Welch2003] .

Session High-Jacking

The attacker attacks the integrity of the session by trying to hijack an authorized session from an authorized user.

Replay Attacks

In this type of attack the attacker uses the information from previous authenticated sessions to gain access to the network.

Rouge AP

Some of the devices allow the user to declare itself as an AP. This will make people confused and sometimes they may connect to this false AP exposing their information to it. This can be solved by imposing mutual authentication between AP and network devices.

DoS Attacks

DoS (Denial of Service) attacks are the hardest type of attacks to overcome. Attackers use frequency devices to send continuous noise on a specific channel to ruin network connectivity. It is known in the wireless world as RF Jamming [Welch2003] .

There are many other threats that can be placed under one of the categories above. These different types of attacks make it harder for the standard regulators to find the best way to come up with the best solutions to the security hazards without sacrificing network usability or speed. In this section we discussed the common concepts in security, the wireless world and the common security attacks against networks in both wired and wireless networks. This section should have provided enough information to go through the following sections.

Back to Table of Contents


3. Security in WLAN 802.11

In this section, we will go through the steps wireless LAN security took to achieve its current status of implementing 802.11i security protocol . First we will talk about the difficulties faced in creating the standard, then describe the standard 802.11 itself. After that we will take a journey through the different security modules that have been proposed to solve the security issues related to wireless networks starting from WEP and ending with WPA2.

Wireless media is more difficult to secure because of its broadcast nature[Arbaugh2003] . This property makes creating a well secured protocol that is similar to wired security modules a very hard task. In addition to that, mobile units that use wireless security protocols differ from regular PCs in many aspects. There are constraints related to processing power, battery capacity, and flexibility to facilitate inter-operability. In addition to that, there is a need for tampering proof techniques in case mobile units fall into the hands of malicious entities [Ravi2002] .

3.1 802.11 Standard

The 802.11 IEEE standard was standardized in 1997. It consists of  three layers: Physical layer, MAC (Medium Access Control) layer, and LLC (Logical Link Control) layer (Fig. 11). The first version of the standard supported only 2 Mbps bandwidth, which motivated the developing teams to come up with other standards to support up to 54Mbps.


Fig.11 802.11 Layers

Designers took into consideration the necessity of making the physical layer supports more than one signaling technique and interface, as shown in Fig. 11 above. The physical layer is responsible for providing an interface to exchange frames with the upper MAC layer, transmitting and signaling packets, and works as a media activity sensor for MAC layer.

The MAC layer supports the functionality needed to allow reliable transfer to the upper layers, and it is very similar to the data link layer in the OSI (Open System Interconnection) model. It provides the functionality to control media access, and it is connectionless oriented. The LLC provides addressing and data link control, and it is independent from the lower layers (MAC and PHY). LLC provides connection oriented service to the upper layers.

802.11 Authentication

To allow clients to access the network they must be go through two steps: getting authenticated by the AP, then getting associated. There are two types of authentications used: Shared Key Authentication and Open Key Authentication [Earle2005].

In the WEP (Wired Equivalent Privacy) standard (the first security module used with 802.11) both of the authentication modes were supported. In the new security standards, it is not recommended to use shared key authentication. Fig. 12 below shows how Shared Key Authentication works.


Fig.12 Shared Key Authentication

When the client wants to connect to the AP, it sends a request. Upon that request the AP sends a challenge packet in clear text (unencrypted). The client then encrypt it with its WEP key and sends it back. The AP tries to decrypt the message using its WEP key. If the decryption process succeeded that means the client is an authenticated user, otherwise the access is denied. In this case if someone is sniffing the traffic, they will get a copy of the encrypted and clear text versions of the message. With some time and processing power the WEP key can be found.

Open Key Authentication does not involve challenge/response messages exchange. The client will get authenticated always, but to send and receive messages she needs to have the correct WEP key. Although Open Key Authentication does not offer any kind of authentication, it is more secure. The reason behind the last statement is that Open Key Authentication does not expose the WEP key to traffic sniffers.[startawisp]

3.2 WEP (Wired Equivalent Privacy)

WEP has three goals to achieve for wireless LAN: confidentiality, availability and integrity [Earle2005] . WEP is now considered insecure for many reasons, nonetheless it served its purpose for a certain amount of time.

WEP uses encryption to provide confidentiality. The encryption process is only between the client and the AP, meaning that packet transfers after the AP (wired LAN) are unencrypted. WEP uses RC4 (discussed earlier) for the encryption purposes. Since RC4 is a stream cipher it needs a seed value to start its key stream generator. This seed is called IV (Initialization Vector). The IV and the shared WEP key are used to encrypt/decrypt transferred packets (Fig. 13). In the encryption process, the Integrity check (IC) value is computed and attached to the payload, then the payload is XORed with the encryption key consisting of two sections (IV and WEP Key). The packet is then forwarded with the IV value sent in plain text (Fig. 14).


Fig.13 WEP Packet Encryption

WEP uses CRC (Cyclical Redundancy Checking) to verify message integrity. On the other side (receiver: AP) the decryption process is the same but reversed. The AP uses the IV value sent in plain text to decrypt the message by joining it with the shared WEP key. To get a better understanding of the operation, Fig. 14 below shows both encryption and decryption process between the client and AP.


Fig.14 WEP Encryption / Decryption

In this section we have described the way the WEP security protocol operates and the main features or properties it possesses. In the following section we will go through WEP weaknesses and flaws.

3.3 WEP Weaknesses

Many people still think that WEP is secure. They argue that because no big accident has occurred, that is related to wireless security yet, means "no news is good news". The argument completely contradicts with the meaning of security, where you have to predict the risk and work to secure yourself from it before it happens.

Other people believe that attacking a wireless network is expensive and complex,  it requires high processing power and complex techniques to break into the network. Today's computers have high processing power and they are continuously becoming cheaper . A wireless attacker does not need to now much about cryptography or security modules; there are many online tools that can ease the process for them [WarDrive] .

One of the major reasons behind WEP weaknesses is its key length. WEP has a 40-bit key , which can be broken in less than five hours using parallel attacks with the help of normal computer machines[Brown2003] . This issue urged vendors to update WEP from using 40-bit to 104-bit key; the new release is called WEP2.

This update helped to resolve some security issues with WEP. The main disadvantage of WEP however, is the lack of key management. Some SOHO users (Small Office/ Home Office) never change their WEP key, which once known the whole system is in jeopardy. In addition to that, WEP does not support mutual authentication. It only authenticates the client, making it open to rouge AP attacks.

Another issue is the use of CRC to ensure integrity. While CRC is a good integrity provision standard, it lacks the cryptography feature. CRC is known to be linear. By using a form of induction, knowing enough data (encrypted packets) and acquiring specific plaintext,  the WEP key can be resolved [Brown2003] .

RC4 suffers from a deadly symptom. It tends to repeat IV values (even if it is auto generated), making the exposing of the traffic easier. Mathematically, if the same IV is used to encrypt two packets (WEP key did not change also) and you have a pair of encrypted/plaintext message, then by applying the following simple rule:

C1 XOR C2 = P1 XOR P2

(you already know P1,C1 and C2), making it very easy to know the content of the new encrypted packet P2 . [Welch2003]

These weaknesses forced the designers of WLAN security modules to be more cautious. It demonstrates the result of not designing the security module from the ground up taking into consideration all applicable risks. In the next section we will go through the new standards that came after WEP to overcome its vulnerabilities.

3.4 802.1x : EAP Over LAN (EAPOL)

The 802.1x standard was designed for port base authentication for 802 networks. 802.1x does not care what encryption techniques is used, it is only used to authenticate users. EAP (Extensible authentication Protocol) was designed to support multiple authentication methods over point to point connections without requiring IP [RFC3748] . EAP allows any of the encryption schemes to be implemented on top of it, adding flexibility to the security design module. EAPOL (EAP over LAN) is EAP's implementation for LANs[EAPOL] .

The 802.1x framework defines three ports or entities: Supplicant (client want to be authenticated), Authenticator (AP that connect the supplicant to the wired network), and Authentication Server ( abbreviated AS which performs the authentication process from the supplicant based on their credentials). [Hardjono2005][Earle2005][EAPOL]

The authentication server in the 802.1x framework uses RADIUS (Remote Authentication Dial-In User Service) protocol to provide AAA (Authentication, Authorization and Accounting) service for network clients [RADIUS][Imai2006] . The protocol creates an encrypted tunnel between the AS (Authentication Server) and the Authenticator (AP). Authentication messages are exchanged inside the tunnel to determine if the client has access to the network or not. Fig.15 below shows the network layout.


Fig.15 802.1x Authentication

3.5 802.11i Standard

The 802.11i (released June 2004) security standard  is supposed to be the final solution to wireless security issue. It improves authentication, integrity and data transfer. Due to the market need of a better substitute to WEP vendors (WiFi Alliance) took a subset of it and market the new product  before the final release under the name WPA (WiFi Protected Access), which was released in April 2003. After the final release of 802.11i the vendors implemented the full specifications under the name WPA2. This section will explore the details of 802.11i and its features [WPA] .

802.11i supports two methods of authentication. The first method is the one described before by using 802.1x and EAP to authenticate users. For users who can not or do not want to implement the first method, another method was proposed to use per-session key per-device. This method is implemented by having a shared key (like the one in WEP) called GMK (Group Master Key), which represent the base key to derive the other .GMK is used to derive PTK (Pair Transient Key) and PSK (Pair Session Key) to do the authentication and data encryption.

To solve the integrity problem with WEP, a new algorithm named Michael is used to calculate an 8-byte integrity check called MIC (Message Integrity Code). Michael differs from the old CRC method by protecting both data and the header. Michael implements a frame counter which helps to protect against replay attacks [Microsoft-WPA][Tech-FAQ] .

To improve data transfer, 802.11i specifies three protocols: TKIP, CCMP and WRAP. TKIP (Temporal Key Integrity Management) was introduced as a "band-aid" solution to WEP problems[ Brown2003] . One of the major advantages of implementing TKIP is that you do not need to update the hardware of the devices to run it. Simple firmware/software upgrade is enough.Unlike WEP, TKIP provides per-packet key mixing, a message integrity check and a re-keying mechanism [ TKIP] . TKIP ensures that every data packet is sent with its own unique encryption key. TKIP is included in 802.11i mainly for backward compatibility.

WRAP (Wireless Robust Authenticated Protocol) is the LAN implementation of the AES encryption standard introduced earlier. It was ported to wireless to get the benefits of AES encryption. WRAP has intellectual property issues, where three parties have filed for its patent. This problem caused IEEE to replace it with CCMP.[Tech-FAQ2][Brown2003] .

CCMP (Counter with Cipher Block Chaining Message Authentication Code Protocol) is considered the optimal solution for secure data transfer under 802.11i. CCMP uses AES for encryption. The use of AES will require a hardware upgrade to support the new encryption algorithm.

3.6 RSN

RSN (Robust Secure/Security Network) is a part of 802.11i for providing a method to exchange the clients and the AP capabilities of implementing security methods . RSN uses  RSN IE (Information Element) frames to exchange this type of information. RSN increases the flexibility of wireless security network standards and provides options to define the security policies implemented in organizations.[Earle2005]

This section described the security standards implemented in wireless LANs. It showed the difficulties the developers face to specify new standards to fill security holes from old standards. It also gave a glance about 802.11i standard features and improvements over WEP .

Back to Table of Contents


4. Security in WMAN 802.16

As mentioned before, the WMAN or WiMAX was proposed to solve the "last mile" problem. The 802.16 standard was released in Dec 2001. That gave the designers the time to learn from the mistakes made in 802.11 WEP security protocol. In the following sections the architecture of 802.16 will be discussed along with pointing out the security threats found in it.

4.1 The 802.16 Protocol Layers

802.16 protocol consists of four layers (Shown in Fig. 16):

,". Security & Privacy Magazine, IEEE Volume 1, Issue 4, July-Aug. 2003 Page(s):68 - 72
  • [Osorio2005] "Measuring energy-security tradeoffs in wireless networks,". Performance,Computing, and Communications Conference, 2005. IPCCC 2005. 24th IEEE International 7-9 April 2005 Page(s):293 - 302
  • [Johnston2004] "Overview of IEEE 802.16 security,". Security & Privacy Magazine, IEEE Volume 02, Issue 3, May-June 2004 Page(s):40 - 48
  • [Ravi2002],"Securing Wireless Data: System Architecture Challenges", in Proc. Intl. Symp. System Synthesis, pp. 195--200, October 2002
  • [Hole2005] "Securing Wi-Fi networks,". Computer Volume 38, Issue 7, July 2005 Page(s):28 - 34
  • [Chen2005] "Wireless LAN security and IEEE 802.11i,". Wireless Communications, IEEE Volume 12, Issue 1, Feb. 2005 Page(s):27 - 36
  • [Brown2003] "802.11: the security differences between b and i ,". " Potentials, IEEE Volume 22, Issue 4, Oct-Nov 2003 Page(s):23 - 27"
  • [Barbeau2005] "WiMax/802.16 threat analysis,". International Workshop on Modeling Analysis and Simulation of Wireless and Mobile Systems
  • [Viega2005] "Security---problem solved? ,".Queue Volume 3 , Issue 5 (June 2005) Security: a war without end
  • [WirelessLAN]; Wireless LAN ," http://cnscenter.future.co.kr/hot- topic/wlan.html [ This page sums up all the organizations, papers, resources, … etc related to WLAN ]
  • [Unofficial802.11]" The Unofficial 802.11 Security Web Page ," http://www.drizzle.com/~aboba/IEEE/ [ This page tries to gather relevant papers and standards to 802.11 Security in a single place. ]
  • [CITA]" CTIA : Wireless Internet Caucus: Standards & Tech ," http://www.wirelessenterpriseinfo.org/wic/standardsandtech.htm [ Links to all groups that have been involved in the identification and development of standards and requirements for mobile data solutions ]
  • [WiFiPlanet] " Wi-Fi Planet ," http://www.wi-fiplanet.com/ [ The Source for Wi-Fi Business and Technology]
  • [ITtoolbox]" ITtoolbox Security Knowledge Base ," http://security.ittoolbox.com/ [ ITtoolbox Security Knowledge Base provides the latest community-generated content from the IT market. Share knowledge with your peers and work together to form experience-based decisions. ]
  • [Enigma]. "Enigma Machine", http://homepages.tesco.net/~andycarlson/enigma/about_enigma.html [Description about Enigma Machine and how it works]
  • [NIST98] "Security History", http://csrc.nist.gov/publications/history/ [Group of papers that explain security history in computer world]
  • [Sabc] "Glossary Terms", http://www.sabc.co.za/manual/ibm/9agloss.htm [Definition of security]
  • [TropSoft] "DES Overview", http://www.tropsoft.com/strongenc/des.htm [Explains how DES works in details, features and weaknesses]
  • [Cohen2003] "802.16 Tutorial" http://www.wi-fiplanet.com/tutorials/article.php/3068551 [Tutorial about 802.16 standard and about its security features]
  • [WarDrive] "War Driving  Tools", http://www.wardrive.net/wardriving/tools/ [War driving tools to hack/test wireless networks for different OSes]
  • [bbwexchange] "WPA2 Routers List". http://www.bbwexchange.com/publications/newswires/page546-1160883.asp [contains a list of the WPA2 routers from different companies]
  • [Wireless80211] "802.11 standards" , http://compnetworking.about.com/cs/wireless80211/a/aa80211standard.htm [Describe briefly 802.11 standards and their specifications]
  • [startawisp] " Shared vs Open authentication method", http://www.startawisp.com/index2.php?option=com_content&do_pdf=1&id=147 [Explains why shared Authentication is considered less secure than open authentication]
  • [RFC3748] "Extensible Authentication Protocol (EAP)", http://www.ietf.org/rfc/rfc3748.txt [RFC draft for EAP]
  • [EAPOL] "EEE 802.1X: EAP over LAN (EAPOL) for LAN/WLAN Authentication&Key Management",http://www.javvin.com/protocol8021X.html [Explanation of 802.1x, EAPOL]
  • [RADIUS],"RADIUS - Wikipedia, the free encyclopedia",http://en.wikipedia.org/wiki/RADIUS [Wikipedia definition and related resources about RADIUS]
  • [WPA],"Wi-Fi Protected Access - Wikipedia,", http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access. [Wikipedia definition and related resources about WPA]
  • [TKIP],"TKIP - Wikipedia", http://en.wikipedia.org/wiki/TKIP . [Wikipedia definition and related resources about TKIP]
  • [Microsoft-WPA] "Overview of the WPA wireless security update in Windows XP", http://support.microsoft.com/?kbid=815485 [Explains the security features in WPA]
  • [Tech-FAQ] "What is MIC ?", http://www.tech-faq.com/mic-message-integrity-check.shtml [Short definition for MIC and how it works]
  • [Tech-FAQ2] "What is WRAP ?",http://www.tech-faq.com/wrap-wireless-robust-authenticated-protocol.shtml , [Explaining why WRAP is not the recommended data transfer encryption standard for 802.11i]
  • [RFC4058],[Yegin, et al.] ,Protocol for Carrying Authentication for Network Access (PANA) Requirements
  • [RFC4016],[Parthasarathy], PANA Threat Analysis and Security Requirments.
  • [Foresberg2005] [Foresberg, et al.]. "PANA", http://people.nokia.net/~patil/IETF56/PANA/PANA_Solution_Slides_7.pdf
  • Back to Table of Contents


    List of Acronyms

    Acronym Meaning
    WLANWireless LAN
    WMANWireless MAN
    PKCPublic Key Cryptography
    ECBElectronic Codebook Mode
    CBCChain Block Chaining Mode
    OFBOutput Feedback Mode
    IVInitialization Vector
    KSGKey Stream Generator
    NISTNational Institute of Standards and Technology
    DESData Encryption Standard
    AESAdvanced encryption Standard
    SSLSecure Socket Layer
    WiFiWireless Fidelity
    WiMAXWorldwide Interoperability for Microwave Access
    RFRadio Frequency
    IRInfrared Frequency
    APAccess Point
    BSSBasic Service Set
    IBSSIndependent BSS
    ESSExtended Service Set
    SSIDService Set ID
    BWABroadband Wireless Access
    DosDenial of Service
    MACMedium Access Control
    LLClogical Link Control
    WEPWired Equivalent Privacy
    CRCCyclical Redundancy Checking
    EAPExtensible authentication Protocol
    EAPOLEAP over LAN
    ASAuthentication Server
    AAAAuthentication, Authorization and Accounting
    RADIUSRemote Authentication Dial-In User Service
    WPAWiFi Protected Access
    GMKGroup Master Key
    PTKPair Transient Key
    PSKPair Session Key
    MICMessage Integrity Code
    TKIPTemporal Key Integrity Management
    WRAPWireless Robust Authenticated Protocol
    CCMPCounter with Cipher Block Chaining Message Authentication Code Protocol
    RSNRobust Secure Network
    RSN IERSN Information Element
    BSBase Station
    SSSubscriber Station
    PKMPrivacy Key Management
    MS Mobile Station
    TEKTraffic Encryption Keys
    AKAuthorization Key
    MBSMulticast and Broadcast Service
    MSKMaster Session Key
    DOCSISData Over Cable Service Interface Specifications
    SASecurity Association
    MPDUMAC Packet Data Unit
    PANAProtocol for Carrying Authentication for Network Access
    PaCPANA Client
    EPEnforcement Point
    PAAPANA Authentication Agent
    ISN Initial Sequence Number
    ARPAddress Resolution Protocol
    OSIOpen System Interconnection

    Back to Table of Contents


    Date Last Modified : 04/23/2006

    Note This paper is available on-line at http://www.cse.wustl.edu/~jain/cse574-06/index.html

     

    0 thoughts on “Research Paper On Wireless Security

    Leave a Reply

    Your email address will not be published. Required fields are marked *