fitsum r. lakew wireless network security threat
Post on 16-Jan-2015
Wireless Network Security Threats 1
WIRELESS NETWORK SECURITY THREATS
FITSUM R. LAKEW
Graduate School of Management and Technology
Information Technology (MS): Information Assurance Specialization
UNIVERSITY OF MARYLAND UNIVERSITY COLLEGE
August 15, 2010
Outline
Abstract
1. Introduction
2. Wireless Vulnerabilities, Threats and Countermeasures
2.1 Network Security Threats
2.1.1 Accidental Association
2.1.2 Malicious Associations
2.1.3 Passive Eavesdropping
2.1.4 Ad-hoc Networks
2.1.5 MAC Spoofing (Identity Theft)
2.1.6 Man-in-the-middle Attacks
2.1.7 Denial of Service
3. Consequences of Poor Wireless Network Security
4. Effective Strategies for Improving Wireless Network Security
4.1 Wireless Security Strategies
4.1.1 Static IP Address
4.1.2 Password Change
4.1.3 MAC Filtering
4.1.4 Encryption
4.1.5 Use of Anti-virus and Firewalls
4.1.6 Educating Users
4.2 Network Auditing
5. Conclusion
Wireless Network Security Threats
Abstract
The growth of information technology has made wireless networking one of the most
important tools of communication. Business people and home users have turned to wireless
technology as a way of communicating with business partners and friends, because wireless
networking is easily accessible, inexpensive and easy to use. For example, the emergence of
new technologies has created hot spots where on-the-go laptop users can access the internet
anywhere, be it in shops, at home, at school, in airports or in workplaces. However, for all
the advantages associated with wireless networks, security threats are inevitable. In recent
years, wireless networks have encountered security threats that pose a risk to information
privacy. These security threats are dangerous to business opportunities and to the general
lives of wireless technology users. They have forced information technology experts to put
into operation technological solutions aimed at curtailing wireless security threats and
vulnerabilities. The probability of overcoming security threats is high simply because
wireless security is principally a management dilemma. Nevertheless, in order to control
wireless security risks, experts must assess the associated security risks and look for ways
of mitigating them. The paper examines various wireless network security threats within a
certain environment and provides solutions for eliminating those security threats (Gast,
2005, pp. 1-12).
1. Introduction
Wireless security is a way of preventing unauthorized access to, or damage of, computers
through wireless networks. Today, many persons and organizations use wireless networks to
manage their interests. Interconnected computers and laptops fitted with wireless cards face
many security risks, which compromise the privacy of stored data. For instance, computer
hackers have come up with mechanisms for breaking into wireless networks with ease.
Interestingly, these hackers use wireless technologies to break into wired networks and
commit offences. This is why organizations and individuals using wireless networks must look
for ways of controlling unauthorized entry into the private and vital resources available in
wireless networks. Wireless technology users continue to suffer as wireless security threats
keep increasing and becoming more common. Moreover, the ignorance of wireless network users
has also prompted unauthorized access to wireless networks. For example, when information
technology experts introduced wireless networking, security threats seemed fewer because the
technology was used only in big organizations and offices. However, as time went by,
individuals started using it. Consequently, it became possible for crackers to find ways of
accessing resources on wireless networks (Ross, 2008, pp. 3-13).
In most cases, these security threats are associated with wireless protocols, encryption,
and the recklessness and unawareness of computer users at either the individual or the
commercial information technology level. More worryingly, some of the cracking methods that
breach network security appear more complicated, and with the availability of Windows and
Linux tools, crackers find it easy to mount wireless network threats. To start with, we need
to look again at the advantages of wireless networks both to legitimate users and to crackers
or hackers. Primarily, wireless networks offer many advantages to legitimate users. For
example, they are cost efficient, convenient, produce expected results, are easy to deploy
and expand, and are easy to integrate with other networks. Nevertheless, concerns such as
security, range of operation, dependability and network speed limit their applications. With
these concerns, nobody is able to predict the efficiency and security of wireless networks.
In addition, unofficial access points, broadcast SSIDs, and unknown MAC addresses remain
paramount security threats. However, with Wireless Local Area Network troubleshooting tools
like Fluke, Network General and Network Instruments, wireless network users can eliminate or
avoid security threats (Min-kyu, Robles, Hong, & Kim, 2008, p. 78).
2. Wireless Vulnerabilities, Threats and Countermeasures
A typical wireless network is composed of three fundamental components and the user, who in
this scenario becomes the fourth component. The first component is radio frequency, which
helps in the transmission of information from one point to another. Second, there are access
points for connecting with other networks. The third component is the IT devices (client
devices), such as desktop computers, laptop computers and PDAs. Network threats target these
components and so undermine network security aims such as confidentiality, integrity and
accessibility.
2.1 Network Security Threats
2.1.1 Accidental Association
Unauthorized entry into wireless networks occurs in different ways. Although many of them
are intentional, there is one that is accidental. Accidental association is a wireless
network security breach that exposes a company's confidential information to an outside
party. In most cases, this happens between two nearby wireless networks. A user can turn on a
client device only to find overlapping data that belongs to the neighbor. This kind of
security breach, sometimes known as mis-association, is mostly accidental, but in rare cases
it can be deliberate, especially when an attacker aims to connect a personal computer to the
neighboring wireless network's access points (APs).
2.1.2 Malicious Associations
This wireless network security threat is intentional: the attacker aims to obtain
information from a particular wireless network. Accessing such information requires
components such as wireless devices and cracking laptops. The cracking laptop acts as an
access point, while the wireless device links the cracking laptop and the wireless network.
One characteristic of these cracking laptops (soft access points) is that they resemble the
targeted access points. Consequently, when an attacker inserts a wireless network card, the
system unlocks and somebody can access any data. After such a successful unlawful entry, the
cracker can access passwords, cause new network faults, or plant viruses and trojans in the
network. Perhaps one advantage associated with wireless networks is that they operate at
layer 2 and layer 3. Thus, the available security protection mechanisms, which include
network authentication and virtual private networks (VPNs), cannot control malicious
association. Research also shows that crackers can still enter wireless networks protected by
802.1x authentication, which many previously believed to be secure. However, in wireless
networks safeguarded by 802.1x authentication, crackers tend to target Layer 2 networks
rather than virtual private networks (VPNs), because Layer 2 is easier to crack than VPNs
(Kelley, 2003, pp. 60-69).
2.1.3 Passive Eavesdropping
This is another wireless network security threat, in which an attacker monitors every
session taking place within the wireless network. In most cases, the attackers target the
payload in order to get private information. The payload contains very sensitive plaintext
information, which an attacker can access by breaking the encryption. This type of security
threat is simple in that attackers need only access to the transmission. For instance, using
a directional antenna, crackers are able to detect wireless transmissions (802.1) even from
miles away. This makes the wireless network more vulnerable to attack, as one cannot
physically control the detection of transmissions. Most users believe that deploying
wireless networks comes down to setting up access points with encryption. Nonetheless, this
is never the case, as the majority of wireless network APs contain many vulnerabilities, such
as those in wired equivalent privacy (WEP) and the 802.11 wireless security standards.
Through passive eavesdropping, an attacker can obtain transmitted data and also use other
means to examine the packets of data transmitted in a particular session. Furthermore,
attackers can use a directional antenna to determine the source, destination, size and timing
of transmissions. Thus, it is clear that transmissions can compromise data privacy by
inviting attacks (Welch, 2003, pp. 2-3).
2.1.4 Ad-hoc Networks
These networks can give rise to wireless security threats and allow unlawful data access.
Experts create ad-hoc networks by connecting wireless computers without using access points.
Thus, it is clear that these wireless networks lack efficient protection. Nevertheless, when
building such networks, experts tend to deploy encryption methods as security measures.
Through ad-hoc networking, experts create a security hole while believing that it will offer
the necessary security and prevent any intended malice. However, these experts do not
understand that, within a corporate environment, some versions of the Microsoft Windows
operating system have security weaknesses that can allow easy access to data. This can be a
challenge to many users who are not in a position to identify an unsecured ad-hoc network
within the computer’s operating system. The scenario is even worse when a user uses the same
ad-hoc network computers on a wired network. This is because a bridge, or viaduct, forms,
linking the corporate network with an unsecured ad-hoc connection, which creates vulnerable
access points. A bridge can be either direct or indirect. A direct bridge occurs when users
join two access points, while an indirect bridge occurs when many computers draw resources
from the server. Of the two, the indirect bridge appears less secure than the direct one.
First, individual or corporate data handled through supposedly secure wired networks can
appear on an attacker’s end node computer drive and then be retrieved through an unsecured
ad-hoc network. Second, viruses or trojans exposed to a wireless network through an
unsecured ad-hoc connection can create a pathway to private data, and hence a security
threat. Notably, this type of security threat does not require password cracking, as
crackers can place malicious code on an unsuspecting user’s end node and thereby access
information through an ad-hoc network (Welch, 2003, pp. 2-6).
2.1.5 MAC Spoofing (Identity Theft)
This threat is somewhat complicated in that crackers build devices that enable them to
eavesdrop on network traffic and thereby identify the MAC address of a computer that has
network privileges. Although most wireless networks feature MAC filtering, a security
practice that allows only devices with authorized MAC IDs to access the wireless network,
research shows that crackers can develop software programs with “sniffing” capabilities and
hence obtain supposedly secure addresses such as MAC addresses. Perhaps the only scenario
where MAC filtering appears protective is when users operate small residential (SOHO)
networks. This is because in SOHO networks, wireless devices are “off the air”, making it
hard to detect MAC addresses. However, in bigger wireless networks, the 802.11 wireless
devices are evidently “on the air”. The disadvantage of such networks is that when an 802.11
device is “on the air”, it carries its unencrypted MAC address right in the header, and with
simple software programs or equipment, crackers can obtain the MAC address. For instance, the
combination of a freeware wireless packet analyzer with 802.11 wireless receivers, such as
laptops and wireless adapters, can enable someone to retrieve the MAC address of transmitting
wireless networks, provided they are within 802.11 range. Thus, it is clear that MAC
filtering does not offer as much security to transmitting networks as users perceive
(Min-kyu, Robles, Hong, & Kim, 2008, pp. 84-87).
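To make the point about the unencrypted header concrete, the following added example (not part of the original paper) parses the fixed 24-byte 802.11 MAC header of a constructed data frame. The frame bytes and the locally administered addresses are invented for illustration; the Protected bit is set, yet all three addresses are read without any key, which is why an address filter cannot serve as authentication.

```python
import struct

# Flag bits of the 16-bit little-endian Frame Control field.
TO_DS, FROM_DS, PROTECTED = 0x0100, 0x0200, 0x4000
FRAME_TYPES = {0: "management", 1: "control", 2: "data"}


def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_dot11_header(frame: bytes) -> dict:
    """Parse the 24-byte MAC header of a three-address 802.11 frame."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    fc, _duration = struct.unpack_from("<HH", frame, 0)
    addr1, addr2, addr3 = frame[4:10], frame[10:16], frame[16:22]
    to_ds, from_ds = bool(fc & TO_DS), bool(fc & FROM_DS)
    if to_ds and from_ds:
        raise ValueError("four-address (WDS) frames are not handled here")
    # The role of each address field depends on the To DS / From DS bits.
    if to_ds:        # station -> access point
        bssid, src, dst = addr1, addr2, addr3
    elif from_ds:    # access point -> station
        dst, bssid, src = addr1, addr2, addr3
    else:            # ad-hoc data or management frame
        dst, src, bssid = addr1, addr2, addr3
    return {
        "type": FRAME_TYPES.get((fc >> 2) & 0x3, "reserved"),
        "protected": bool(fc & PROTECTED),  # frame body is encrypted
        "bssid": fmt_mac(bssid),
        "source": fmt_mac(src),
        "destination": fmt_mac(dst),
        "body_len": len(frame) - 24,
    }


# Constructed sample: a protected data frame from a station to its AP.
SAMPLE_FRAME = bytes.fromhex(
    "0841"          # frame control: data, To DS = 1, Protected = 1
    "2c00"          # duration
    "020000000001"  # address 1: BSSID (the access point)
    "0200000000aa"  # address 2: source station
    "020000000002"  # address 3: final destination
    "1000"          # sequence control
) + bytes.fromhex("0100002000000000") + b"\x5a" * 32  # opaque encrypted body

if __name__ == "__main__":
    header = parse_dot11_header(SAMPLE_FRAME)
    for field, value in header.items():
        print(f"{field:12} {value}")
```

Encryption covers only the frame body, so the station address stays visible on every frame a device sends regardless of the cipher in use.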
2.1.6 Man-in-the-middle Attacks
Research shows that crackers targeting wireless networks find it easier to obtain private
information at Layer 2 and Layer 3. This is because, at this stage, encryption dominates in
the transmitted packets, making it easier to access header information at the second or
third layer. Nevertheless, if a user deploys virtual private networks (VPNs) or IPsec
security, the probability of accessing header information lessens. With a man-in-the-middle
attack, unauthorized persons can obtain confidential information from a session or sometimes
alter the transmitted packets, which compromises the integrity of that session. For example,
during a wireless network session, a cracker may read and even modify the contents of the
original data before the receiver gets it. However, it is not clear to many how this happens.
First, a cracker committing a man-in-the-middle attack breaks the session in order to sever
the connection between the target and the access points (APs). After successfully separating
the two, the cracker connects the actual APs to a wireless card. The wireless card directs
the flow of data from the wireless network to the hacker’s retrieving device. Second, the
cracker can use wireless equipment to break the wireless network at the access points.
Consequently, the encrypted tunnel will exhibit vulnerabilities and make access to private
data easier.
(Welch, 2003, p.3)
2.1.7 Denial of Service
This is another type of wireless security threat, in which the attacker repeatedly bombards
the targeted wireless network or access points (APs) with spurious requests, misleading
wireless network link communications, stop instructions and data. Since the network is not
used to these new messages and commands, the access points disassociate the network,
revealing encryption. More worryingly, the system can lock out the legitimate user and
sometimes crash. Additionally, denial of service attacks aim to break network protocols like
the Extensible Authentication Protocol (EAP) in order to access private data. However, this
type of security threat is ineffective to a large extent, as the attacker cannot access the
real individual or corporate data. The interrupted wireless network cannot offload data to
any wireless device, and in most cases the network crashes after the interruption.
Consequently, many users might wonder why anyone would perform a denial of service attack
if the attacker cannot access organizational data. Nevertheless, there is a reason why
malicious attackers decide to carry out this attack. After a successful denial of service
attack, the wireless network locks up or crashes. The malicious attackers then take their
time to monitor its recovery. As the network recovers, some data, including codes, passwords
and IDs, can be re-transmitted to other wireless devices. Later on, the crackers use these
together with cracking tools in order to make an unlawful entry into the wireless network.
Research shows that weakly encrypted wireless networks, such as those using wired equivalent
privacy (WEP), are the most affected, owing to the numerous tools available against them
(Min-kyu, Robles, Hong, & Kim, 2008, pp. 80-85).
3. Consequences of Poor Wireless Network Security
Wireless networks are characterized by portability and productivity, and this is the main
reason why many people use them at home or at the organizational level. In addition, wireless
network connections do not use cables but instead involve plugging an AP or a router into a
client device. Nevertheless, with this open connectivity, the probability of attack is high.
Thus, meager security standards, together with undeveloped technologies, defective
implementations and ignorance, are some of the factors that lead to the construction of an
insecure wireless network. With these factors dominating the deployment of an insecure
wireless network, hackers and crackers find it easier to make unauthorized entries through
the communication medium. Consequently, poor network security leads to the compromise of
data and other resources in terms of reliability, accessibility and confidentiality.
Organizational resources that are sensitive, such as fiscal statements, individual data and
intellectual information, should receive maximum security to preserve their confidentiality.
In most cases, this happens when encryption and security mechanisms within a wireless
network are weak or vulnerable. An intruder can alter, destroy or delete data stored in a
wireless network when the system has flaws in the data-synchronization routines that link
wireless network users and the back-end storage. In addition, security threats such as
denial of service can enable crackers to use network bandwidth for their own selfish
interests. Other consequences of poor wireless network security include resource theft, such
as consumption of disk space and bandwidth, piracy, and downloading pornographic materials
and entertainment literature via stolen airwaves. Some people can exploit poorly secured
wireless networks to steal information that is wanted somewhere else
(Krishnamurthy, Joseph, & Tanapat, 2002, pp. 157-166).
4. Effective Strategies for Improving Wireless Network Security
In most cases, the way a wireless network is constructed and deployed determines whether
the network is prone to security threats such as interception, disruption and alteration.
However, experts have come up with various ways of eliminating network threats. For example,
eavesdropping, which is very common in almost all wireless networks, can be controlled in
two major ways. The first is to make it difficult to locate and intercept wireless signals.
Second, users can use encryption to safeguard privacy even in situations where crackers
intercept the network. Two years ago, experts came up with a Wireless Intrusion Prevention
System (WIPS), which is able to thwart all intended security threats. Today, most
organizations use this system to protect their wireless networks against security threats.
4.1 Wireless Security Strategies
4.1.1 Static IP Address
Most hackers access network data through an IP address. It is therefore paramount to look
for ways of preventing this. For example, users can disable their IP address function from
the server whenever the system is not running. This will lower the chances of failed-login
messages, trial keys and rogue passwords being logged into the network. In addition,
deploying access point firewalls can help in blocking an unused IP address and retaining
network confidentiality. Users can also decrease the size of a particular subnet to reduce
the chances of attack. This is useful in discouraging man-in-the-middle threats (Skoudis,
2002, p. 351).
Session Attack: (Welch, 2003, p.7)
4.1.2 Password Change
Wireless devices come with default passwords. If users fail to change such passwords,
crackers can capitalize on this and enter the wireless network. Thus, it is advisable to
change the default passwords of wireless devices in order to minimize security threats. In
addition, users should choose unique passwords that include non-alphanumeric characters to
make the network more secure.
4.1.3 MAC Filtering
When deploying wireless networks, engineers must set up MAC ID filtering as a security
strategy. This allows only authorized users to gain entry into networks characterized by MAC
IDs and minimizes accidental associations. However, users should not rest assured, because
crackers can fake MAC IDs and access their networks.
4.1.4 Encryption
So far, this has proved to be the most effective way of discouraging wireless network
security threats. An encrypted system can show and report some of the threats targeting the
system. Luckily, most wireless devices, such as APs, caller devices and base stations, come
with built-in encryption systems, and the user needs only to turn them on to protect the
network (Krishnamurthy, Joseph, & Tanapat, 2002, pp. 160-165).
4.1.5 Use of Anti-virus and Firewalls
Some networks collapse due to invasion by trojans and viruses. Just like computers
connected to the internet, wireless network computers can also catch malware, trojans and
viruses. Thus, it is advisable to install anti-malware programs on all wireless network
computers and update them periodically in order to offer protection.
4.1.6 Educating Users
As one component of wireless networking, users ought to understand how to protect their
wireless systems. Thus, it is imperative to train them on the security measures to take in
order to protect their wireless systems. Most hackers and crackers find their way into other
people’s wireless networks because of the ignorance of users. Thus, if experts equip these
users with strategies for eliminating threats, wireless networks will remain secure.
4.2 Network Auditing
Through auditing, users can identify rogue hardware, disjointed access points and wireless
functions. This is vital for weak systems such as WEP as tools like Airsnort can correct any
existing network anomaly. (Skoudis, 2002, pp. 352-359).
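As an added illustration of such an audit (not part of the original paper), the sketch below compares a wireless site survey against an inventory of authorized access points and flags the conditions discussed in sections 2.1.1, 2.1.2, 2.1.4 and 4.1.4. The record format, the inventory, the SSIDs and the addresses are all constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    ssid: str
    bssid: str
    mode: str      # "infrastructure" or "ad-hoc"
    security: str  # e.g. "OPEN", "WEP", "WPA2"


# Constructed inventory of authorized access points: BSSID -> expected SSID.
AUTHORIZED_APS = {
    "02:00:00:00:00:01": "corp-wlan",
    "02:00:00:00:00:02": "corp-wlan",
}
WEAK_SECURITY = {"OPEN", "WEP"}


def audit(observations, authorized=AUTHORIZED_APS):
    """Return (finding, bssid) pairs for every survey record needing review."""
    managed_ssids = set(authorized.values())
    findings = []
    for obs in observations:
        bssid = obs.bssid.lower()
        if obs.mode == "ad-hoc":
            # Peer-to-peer network with no access point (section 2.1.4).
            findings.append(("ad-hoc-network", bssid))
        elif bssid in authorized:
            # A BSSID can be spoofed, so a match is not proof of authenticity;
            # it only says that nothing looks wrong at this level.
            if obs.ssid != authorized[bssid]:
                findings.append(("ssid-mismatch", bssid))
            if obs.security.upper() in WEAK_SECURITY:
                findings.append(("weak-encryption", bssid))
        elif obs.ssid in managed_ssids:
            # Our SSID announced by hardware we do not own (section 2.1.2).
            findings.append(("possible-rogue-ap", bssid))
        else:
            # Nearby foreign network: accidental association risk (2.1.1).
            findings.append(("neighbour-network", bssid))
    return findings


# Constructed survey results.
SURVEY = [
    Observation("corp-wlan", "02:00:00:00:00:01", "infrastructure", "WPA2"),
    Observation("corp-wlan", "02:00:00:00:00:02", "infrastructure", "WEP"),
    Observation("corp-wlan", "02:00:00:00:00:99", "infrastructure", "OPEN"),
    Observation("printer-setup", "02:00:00:00:00:55", "ad-hoc", "OPEN"),
    Observation("cafe-next-door", "02:00:00:00:00:77", "infrastructure", "WPA2"),
]

if __name__ == "__main__":
    for finding, bssid in audit(SURVEY):
        print(f"{finding:18} {bssid}")
```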
5. Conclusion
Wireless networks offer many advantages, such as increased productivity and reduced
operating costs. Through wireless networks, business opportunities have improved greatly.
Today, millions of people work as information technology staff all over the world courtesy
of wireless networks. However, for all these benefits, wireless networks encounter
deliberate and accidental security threats that lead to information loss or system collapse.
Consequently, there is loss of data, compromise of confidentiality, interception and
disruption of normal processes. If users take security measures, they can eliminate these
threats and maintain confidentiality.
Reference List
Gast, M. (2005). 802.11 Wireless Networks: The Definitive Guide (2nd ed.).
Sebastopol, CA: O’Reilly & Associates.
Kelley, D. (2003). The X factor: 802.1x may be just what you need to stop intruders
from accessing your network. Information Security, 6(8), 60-69.
Krishnamurthy, P., Joseph, K., & Tanapat, A. (2002). Security in Wireless Residential
Networks. IEEE Transactions on Consumer Electronics, 48(1), 157-166.
Min-kyu, C., Robles, R., Hong, C., & Kim, T. (2008). Wireless Network Security:
Vulnerabilities, Threats and Countermeasures. International Journal of Multimedia and
Ubiquitous Engineering, 3(3), 77-86.
Ross, J. (2008). The Book of Wireless: A Painless Guide to Wi-Fi and Broadband
Wireless (2nd ed.). San Francisco: No Starch Press.
Skoudis, E. (2002). Counter Hack: A Step-by-Step Guide to Computer Attacks and
Effective Defenses. New Jersey, Upper Saddle River: Prentice Hall.
Welch, D. (2003). Wireless Security Threat Taxonomy. Proceedings of the 2003 IEEE
Workshop on Information Assurance. New York: United States Military Academy.