Posted: August 27th, 2021
Wireless Network Security
The research paper discusses Wireless Networking Security as the most recognized technology, ranging from its benefits to tough challenges. Specifically, the wireless network enables communication by transferring data packets from one point to another point. The transmission of data happens via the radio waves, thus rendering the wireless networks susceptible to cyber-attacks. Furthermore, the paper analyzes the possible cyber-attacks and threats, which endanger the security of either WEP or WPA. The discussion revolves around comprehending all the possible cyber-attacks among the users as a countermeasure of defending the wireless network.
Additionally, the paper offers an in-depth analysis regarding the different wireless network threats coupled with their attackers’ toolbox like NetStumbler, Airsnarf, Kismet, and Airjack. The paper summarizes the countermeasure techniques that users and IT security need to implement to secure the wireless network fully. For example, the use of a Virtual Private Network (VPN) is considered the best technique of safeguarding the Access Points from possible cyber-attacking software tools. Therefore, it is the safest network for IT security and users.
Keywords: Wireless Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), RC4 Algorithm, Virtual Private Network (VPN), Access Point, Wireless Network Auditing
Table of Contents
2.0. Statement of the Problem
3.0. Wireless Equivalent Privacy (WEP)
4.0. Wireless Network Threats
4.2. Denial of Service (DoS)
4.8. Passive Eavesdropping
6.0. Security Countermeasures
6.1. Training and Education for Users
6.2. Wireless Network Auditing
6.3. Turning Off AP When Not in Use
6.4. Changing Router’s Preset Password
6.6. Turning Off SSID Broadcasting
6.7. Using Antivirus, Firewall, and Anti Spyware
7.0. Results and Conclusion
With technological improvements, it has become important for both local and global businesses to implement a wireless network for convenience, easy installation, and affordable costs. Besides, the wireless network connection has made it possible for people to access the internet using different devices such as tablets and smartphones. Likewise, homeowners have not been left behind concerning this move for technological solutions. Despite all the advantages of wireless networks, there are security concerns that need to be addressed properly. Such security issues revolve around the commonness of network vulnerabilities. Similarly, these security threats may interfere with all the information available in the company security risk profile. Hence, this research paper seeks to analyze the wireless networking technology regarding its security concerns and countermeasures for providing solutions to the attached vulnerabilities.
Statement of the Problem
The onset of wireless networking technology has brought about varied security concerns. In particular, many users of this kind of network are prone to malicious cyberattacks, leading to threats that might injure businesses’ reputations (Tariq, 2011). The need to access the internet through the wireless network by clients sustains the security risks on the interconnection of Access Point with the wireless router. Since the wireless router is assigned to broadcast a signal through the air, all the involved wireless clients within the range are prone to such cyber-attacks and threats. Notably, the susceptibility of the wireless network is categorized as follows. First, the end users might not have full knowledge of the associated risks of using the wireless LANs since they are not IT security experts (Tariq, 2011). Secondly, there might be instances of all access points having inactive WEP security on default configurations. Third, most users do not change the default key on access points from the vendors’ product (Tariq, 2011). Lastly, some WEP-enabled access points might be easily cracked.
Wireless Equivalent Privacy (WEP)
The susceptibility of wireless networking technology has occasioned the Institute of Electrical and Electronics Engineers (IEEE) to set network standards recognized as 802.11 (Tariq, 2011). Specifically, this IEEE 802.11 makes use of the Wired Equivalent Privacy (WEP) as a security measure against attacks like eavesdropping. However, there exist several flaws in the guided protocol. On the other hand, the Wireless Equivalent Privacy (WEP) makes use of the RC4 algorithm. Although the RC4 algorithm is based on data-link layer security technology, the WEP faces some security challenges because it uses a secret user key (He & Mitchell, 2005). The secret key’s chief aim is to encrypt data over the wireless network and simultaneously safeguard data packets’ integrity through the Cyclic Redundancy Check (CRC). Therefore, the WEP applies four different sets of base keys. Also, regarding the 64-bit encryption, for example, the encryption is done for just 40 bits while the remaining bits are left as system generation bits (Tariq, 2011). Notably, this RC4 algorithm’s application leaves porous walls for the 40-bit key to be cracked easily. Consequently, the same case happens in 128-bit encryption, where only 104 bits are useful for encryption but not the whole figure.
Imperatively, both the senders and receivers in the WEP utilize a similar secret key. Generating cipher text over the RC4 cipher algorithm would imply that the sender client’s computer would use the secret key “XOR” in a plain text (Tariq, 2011). Similarly, the receiver from another computer would utilize the very secret key “XOR” to cipher text before he or she could generate the original sent text based on the following illustration (fig.1).
Figure 1. Generating cipher text between sender and receiver
The illustrated working functionality of the RC4 cipher algorithm categorically indicates the way transmission of data is vulnerable to cyber-attack. From figure 1, RC4 (v,k) is a function that derives the Key Stream from the variable, v, and the security key, k. Moreover, the plain text entails a raw message denoted by M (Tariq, 2011). However, with the application of checksum c, the plain text might be written as P = (M, c(M)). Thus, receivers who apply similar keys as “XOR” would have to cipher the text in a bid to see the initial plain text since such a technique of generating cipher text is prone to countless attacks.
With many anticipated setbacks in encryption, IEEE has therefore established new methods for generating cipher text, where there exists an Integrity Check (IC) field in the data packets coupled with a 24-bit Initialization Vector (IV) field (Tariq, 2011). In this case, different RC4 keys are utilized for each data packet. For instance, this tactic aids in generating overhead over the computation whenever the security seems poor. Specifically, WEP2 works as a stopgap to enhance WEP’s privacy since it executes 128-bit encryption and further uses IV to create cipher text (Malekzadeh et al., 2010). In this scenario, the value of IV is large in WEP2; thus, it is a limiting factor for the networking algorithm. Of late, the implementation of WEPplus (WEP+) offers networking security as it overrides the IV’s weaknesses. Hence, a wireless connection’s bond ends must fit with WEP+ to facilitate network security effectiveness.
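The encapsulation described above, written out as an added example (not code from the paper or its sources): the per-packet RC4 key is the 24-bit IV followed by the secret key, the plain text is the message plus its CRC-32 checksum, and the cipher text is their XOR with the key stream. The frame layout is simplified to IV followed by cipher text (no key ID byte or 802.11 header), and the key, IVs and messages are constructed sample values.

```python
import struct
import zlib
from collections import Counter


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4 key scheduling, then `length` bytes of key stream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv: bytes, key: bytes, message: bytes) -> bytes:
    """Return IV || ((M, c(M)) XOR RC4(v, k)); the IV travels in the clear."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    plaintext = message + struct.pack("<I", zlib.crc32(message))
    return iv + xor(plaintext, rc4_keystream(iv + key, len(plaintext)))


def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Regenerate the same key stream from the received IV and check the CRC."""
    iv, body = frame[:3], frame[3:]
    plaintext = xor(body, rc4_keystream(iv + key, len(body)))
    message, icv = plaintext[:-4], plaintext[-4:]
    if struct.pack("<I", zlib.crc32(message)) != icv:
        raise ValueError("integrity check failed")
    return message


def reused_ivs(frames) -> list:
    """Audit check: IVs that appear on more than one captured frame."""
    counts = Counter(frame[:3] for frame in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)


# Constructed sample values, not taken from any real network.
KEY = bytes.fromhex("0102030405")  # 40-bit secret key
M1 = b"GET /index.html "
M2 = b"POST /login.php "


def same_iv_xor() -> bytes:
    """XOR of two cipher texts produced under one IV and one key."""
    iv = b"\x00\x00\x01"
    c1 = wep_encrypt(iv, KEY, M1)[3:]
    c2 = wep_encrypt(iv, KEY, M2)[3:]
    return xor(c1, c2)  # the key stream cancels, leaving P1 XOR P2


if __name__ == "__main__":
    frame = wep_encrypt(b"\x00\x00\x01", KEY, M1)
    print(wep_decrypt(KEY, frame))
    print(same_iv_xor()[:16] == xor(M1, M2))
```

With only 2^24 possible IV values per key, `reused_ivs` run over a capture of one's own network shows how quickly the same key stream comes back into use.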
Apart from that, the Wi-Fi Protected Access (WPA) launching has come to WEP’s aid. This is because serious threats might break the former network based on its vendor specification needs (Tariq, 2011). WPA comes with a different technique – Temporal Key Integrity Protocol (TKIP) – for adopting its algorithm. The key protocol is assigned the task of resolving authentication hitches and encryption loopholes in the WEP network. WPA utilizes the Initialization Vector coupled with sequencing rules, per packet key mixing function, Message Integrity Check (MIC), and Re-keying mechanism. Ensuring that the WPA has strong encryption and secure authentication, a hosted variation is referred to as WPA Pre Shared Key (PSK). Certainly, it issues strong encryption and encapsulation for authentication. Combining the TKIP and WPA (PSK) would give a hacker a hard task to find the secret key. Undeniably, the implementation of WPA2 is a strong defender of authentication solutions based on confidentiality and integrity for a wireless network. Therefore, to ensure better and advanced protection of a wireless network, IEEE has recommended the application of Layer-2 of the OSI model. Overall, the WPA (PSK) relies heavily on Counter-Mode with Cipher Block Chaining-MAC Protocol (CCMP) for initiating the Advanced Encryption Standard (AES) encryption algorithm.
Since wireless technology utilizes air as a medium to share information between two or more users, this type of network is prone to threats from potential cyber-attackers. Most importantly, there are two kinds of wireless security attacks, such as active and passive attacks. Particularly in the active attacks, the attackers can alter the accessed information contents, thus generating fake information in the network (Tariq, 2011). Besides, the active attacker intends to terminate network security completely like in the Man-in-the-Middle Attack (MITM) cases, unauthorized access, denial of service (DoS), active eavesdropping, session hijacking, and replay. On the contrary, the passive attacks entirely involve listening to a network’s traffic while searching to obtain valuable information from the packets without necessarily altering the contents. Examples of passive attacks are passive eavesdropping and traffic analysis. Consequently, these kinds of attacks seem difficult to be detected.
In unauthorized access, a cyber-attacker gains illegal access over a wireless network, thus locating data packets. In this setup, the cyber-attacker easily utilizes the wireless network (Tariq, 2011). Similarly, the attacker may compromise the network’s associated confidentiality and integrity by initiating varied listening packets over the traffic. Therefore, they might alter the contents of the information based on either sent or received messages.
Figure 2. How cyber-attacker gains unauthorized access to a network
Denial of Service (DoS) is indeed the most renowned attack since it can break down wireless and wired networks. Precisely, DoS sustains wide traffic over the Access Point, rendering it unable to respond. For instance, in the Wireless network, the DoS attacker initiates a powerful transceiver by sustaining interference as a form of generated noise to jam the network (Tariq, 2011). The DoS attacker directs large numbers of disassociation frames to a client’s computer. Therefore, this discontinues the connection from the access point. Upon the disruption of the connection, the client computer once more tries establishing the connection with the Access Point. Moreover, the attackers constantly send disassociation frames over the desired period. Hence, the re-association of data packets becomes impossible.
Correspondingly, the DoS attacker may apply a sham Deauthentication mechanism to disintegrate the network security. Usually, DoS attackers would initiate strong Deauthentication frames over a client’s computer, resulting in an unauthenticated access point (Tariq, 2011). Furthermore, the process would recur until the attacker computer authenticates itself coupled with the access point. As a way of preventing the right client from having the rightful access, the DoS attacker would continuously initiate Deauthentication frames until the desired outcome is attained. Besides, a few tools, including LANJack and Hunter killer, might help initiate Deauthentication over the client’s computer. Imperatively, these tools are relevant for launching the DoS attack. For example, the IEEE 802.11 standard regarding the wireless network recommends using Medium Access Control (MAC) addresses for authenticating the source IP address. The resultant effect would encompass the attacker’s ability to spoof the MAC address coupled with hijacking the session. Thus, in this scenario, the Access Point cannot ascertain itself as a genuine Access Point.
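From the defender's side, the sustained stream of disassociation and Deauthentication frames described above is what a wireless monitor looks for. The following added example (not from the paper) flags any source and destination pair that exceeds a frame-rate threshold inside a sliding window; the record format, MAC addresses, window and threshold are constructed assumptions, not output of a real sensor.

```python
from collections import defaultdict, deque

FLOOD_SUBTYPES = ("deauth", "disassoc")


def detect_deauth_floods(frames, window_ms=1000, threshold=10):
    """Return {(src, dst): peak} for pairs with >= threshold frames per window.

    `frames` holds (timestamp_ms, subtype, source_mac, dest_mac) tuples.
    The source address is whatever the frame claims, so an alert names the
    impersonated station, not necessarily the real transmitter.
    """
    recent = defaultdict(deque)  # per-pair timestamps inside the window
    peaks = {}
    for ts, subtype, src, dst in sorted(frames):
        if subtype not in FLOOD_SUBTYPES:
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] > window_ms:
            q.popleft()
        if len(q) >= threshold:
            peaks[(src, dst)] = max(peaks.get((src, dst), 0), len(q))
    return peaks


# Constructed sample capture (locally administered MAC addresses).
AP = "02:00:00:aa:00:01"
CLIENT_A = "02:00:00:cc:00:07"
CLIENT_B = "02:00:00:cc:00:09"

SAMPLE_FRAMES = [
    (1000, "assoc", CLIENT_A, AP),
    (2000, "assoc", CLIENT_B, AP),
    # An ordinary disconnect: one frame, well under the threshold.
    (5000, "deauth", CLIENT_B, AP),
]
# Fifty Deauthentication frames claiming to come from the AP, 20 ms apart.
SAMPLE_FRAMES += [(10000 + 20 * i, "deauth", AP, CLIENT_A) for i in range(50)]

if __name__ == "__main__":
    for (src, dst), peak in detect_deauth_floods(SAMPLE_FRAMES).items():
        print(f"possible flood: {src} -> {dst}, peak {peak} frames/s")
```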
Eavesdropping is among the major threats to the wireless network, where data signals are transmitted from the client workstation to Access Point. Nonetheless, a cyber-attacker sustains illegitimate data over a wireless network connection in the case of Active Eavesdropping, thus cracking the secret key (Tariq, 2011). The attacker’s main intent is to establish the message’s contents by accessing partially the plain text, which entails source or destination IP address, as demonstrated in figure 3.
Figure 3. How a cyber-attacker accesses plain text of a source IP address
Man-in-the-Middle seems a risky kind of attack in that an attacker can eavesdrop over the communication and further amend it before letting it reach the recipient. Despite that, many organizations have constantly employed IPSec, VPN, and SSH security measures that are still breakable (Tariq, 2011). Specifically, the attacker executes the MITM attack successfully since the security measures only safeguard data against some confidentiality attack. The cyber-attackers might enjoin themselves to the Access Point as users. Regarding this method, all of the user’s information is passed over the Access Point via the attacker. Not only does the attacker sniff the data, but may also initiate some changes on the data by either inserting viruses onto downloading files or changing webpage settings effortlessly (Khakurel et al., 2010). Therefore, IP spoofing, as well as Masquerading, are regarded as the best techniques for fooling the user. In this scenario, the encryption does not seem to implement a security rule between the Access Point and client use. Thus, these security measures are not sufficient to block cyber attackers.
Session hijacking looks similar to the functionality of the Man-in-the-Middle attack (MITM) in that the attacker simultaneously seizes the session of the victim’s client. The targeted people may think that their session has expired at its expense being handed over to the attacker. The attacker has the discretion to exploit the victim’s content as he or she deems fit. In this kind of networking hijacking, the attacker understands the priority of obtaining the victim’s MAC address and AP before sending the MAC Disassociation messages to the unsuspecting user (Tariq, 2011). Unfortunately, the victim may find it useful to close down the network’s session while unaware that his session is still open in the AP. Consequently, the attacker, via the use of the victim’s MAC address, secures the session’s control, and upon securing control, the attacker may utilize the obtained session for whatever reason.
A replay attack resembles the Man-in-the-Middle Attack in its working dynamics, with a few variations. However, a replay attack is not considered a real-time attack the same way as a MITM attack. This is because it seizes all the information (data and session) from the network (Tariq, 2011). Likewise, it exploits the victim’s information offline. The attack’s main aim is to gain access to the network via the authorizations of the target without using the secret key, as illustrated in figure 4. Additionally, the attacker might use network resources by employing authorization and permission over the target client. Hence, the attack seems real, as it is often utilized to exploit the wireless security network’s protocols.
Figure 4. How Replay attacker grabs all information from the victim
The Traffic Analysis is the easiest technique for initiating an attack because transmission of the packets’ number and sizes occurs over the air, leading to a hitch in protocols. The technique is sustained on the network, especially at the most active access points. With the encryption of data packets, the attacker could obtain partial or full information from the seized messages (Tariq, 2011). Notably, the attacker needs to have some basic info regarding the network’s properties before occasioning an active attack. As an example, Wardriving has widely used a freeware tool for initiating traffic analysis over the internet. It is important to establish the target Access Point; the attacker traverses from one point to another, thus obtaining active access points on the network. Subsequently, each Access Point (AP) tends to transmit the Service Set Identifier (SSID) over the air. Therefore, the attacker cannot occasion an active attack because of the SSID.
The attack looks much like the traffic analysis attack because the cyber attacker secures the data packet’s reasonable sizes. There are detailed protocols used over the wireless network to transmit an unlimited number of packets over the air. However, in Passive eavesdropping attacks, the attacker completely exploits a victim’s privacy, coupled with information (Tariq, 2011). With encryption of the data packets, the attacker is compelled to break the encryption, thus obtaining plaintext. Undeniably, the WEP possesses varied vulnerabilities because it has small sizes of initialization vectors (IV) sequencing, rendering it more prone to cyber-attacks. The rapid re-utilization of a similar IV makes stream less exposed to cracking (Hassan & Challal, 2005). Therefore, WPA2 utilizes both the AES and 3DES tough encryption algorithms to ciphertext, making the whole act of eavesdropping quite difficult.
Before an attacker may hack a wireless network, there is a set of freeware tools needed to advance to the internet. To initiate better security over the wireless network, the client users need to comprehend the methodological security measures, thus protecting their connected networks. The following table lists most of the commonly used freeware hacker tools.
Tools | Descriptions |
NetStumbler | It is an active network scanner for identifying a freeware wireless access point identifier. This tool is used for calibrating a wireless link via the use of SSID, MAC address, encryption algorithm, and signal strength. |
Kismet | It is a much-advanced tool for diagnosing a freeware wireless network. It is mostly used to initiate passive eavesdropping attacks since it aids in monitoring traffic across the stored data range. |
AirSnort | This tool is extensively applied as a freeware tool for breaking WEP encryption. Upon obtaining enough data packets, the tool begins to compute encryption relevant for breaking up the security. |
Ethereal | It comprises WLAN software for analyzing passive eavesdropping on a wireless network. It aids in observing network traffic. |
WEPcrack | The tool exploits a wireless network’s susceptibility by cracking it via the application of the RC4 algorithm. |
WEPWedgie | It is a software tool for sustaining an active eavesdropping attack over a network to establish WEP Key streams. |
AirSnarf | It is regarded as the best AP spoofing tool relevant for misleading users as it forwards sensitive data and information to the cyber-attacker. Normally, it mimics AP’s legitimacy, thus creating similar login pages as presented over Access Point. |
Air jack | This tool is a dangerous software tool for initiating both the (DoS) and (MITM) attacks over a wireless network. It attacks a network by disassociating or de-authenticating frames rapidly over Access Point. |
Even though many flaws are associated with the WEP algorithm, it is possible to secure users whenever on the wireless network. Consequently, the IEEE has recommended a series of actions, which would help alleviate the involved risks over a wireless network, as listed below.
Training and Education for Users
Precisely, cyber attackers and cyber security specialists are aware that end users are the weakest connection in company cyber security. The first remedy action to be initiated over a wireless network is conducting training and education among users to deal with the increasing cyber-attack cases. Specifically, the whole measure is meant to secure a network, simply because most users do not understand how to employ network security (Tariq, 2011). It leaves the loopholes inside the network prone to cyber-attacks. Hence, users need to be trained on how they can effectively change wireless tools configurations or settings in their favor, limiting instances of security risks and threats.
Employment of Wireless Network Auditing is a super technique that a user might initiate to secure a wireless network like WEP. Throughout this auditing technique, the users scan their networks with scanners like NetStumbler and Kismet to pinpoint all the running activities over a particular network (Tariq, 2011). Therefore, the user has the discretion of stopping an activity that seems unfamiliar.
Turning Off AP When Not in Use
The users are also advised to turn off their Internet routers or access points whenever they are not in use. Such an act helps prevent random and remote cyber-attacks from close networks to locate and monitor running activities. Thus, turning off AP helps reduce the timeline the network is left susceptible to hacking activities.
Changing Router’s Pre-Set Password
Since each manufacturer of the wireless router or access point employs a specific default username or password, users must constantly change them. Failing to change the password or username may render the network prone to attacks, just in case a third party has full knowledge of the target networks (Choi et al., 2005). For example, attackers may scan varied access points, thus accessing sensitive information via default usernames or passwords. Consequently, the users should initiate the first step of changing the default usernames and passwords immediately upon installation.
With all devices connecting to a similar network through a single SSID, the users should alter access points’ identification. Undeniably, this is a measure of securing the wireless network, thus removing all the default SSID (Arbaugh, Shankar, & Wan, 2002). Failure to change some important access points of a network is more or less as leaving default passwords unchanged and prone to undefined cyber-attacks. Therefore, users have to get accustomed to changing SSID every 30 days.
With varied Access Points utilizing similar SSID broadcasting techniques, it is more secure to turn them off. It is difficult for an attacker to scan for networks whose SSID broadcasting functions have been temporarily stopped. Consequently, users are highly recommended to put off such functions on the wireless network routers constantly.
Using Antivirus, Firewall, and Anti Spyware
Another countermeasure of limiting cases of cyber-attacks entails the installation of antiviruses, firewalls, and anti-spyware. Notably, to access the targeted computer, cyber attackers normally install a virus program by sending emails that seem to be malicious. Once they get access, they end up deleting or even stealing the data of the victim. Installation of this software particularly helps prevent viruses and malware’s unwanted activities, thus improving wireless network security (Welch & Lathrop, 2003). Thus, it is always compulsory for users to install an updated firewall, antivirus, and anti-malware software tools on their personal computers.
Encryption is commonly recognized as the best approach for securing a wireless network against a monitoring hacker’s unauthorized action. The reason is that encryption helps to cipher text differently from the way it is known from another access point (Welch & Lathrop, 2003). Therefore, with the WEP algorithm, it is highly suggested in IEEE 802.11 that the Advanced Encryption Standard (AES) or Triple Data Encryption standard be implemented across WEP or WPA.
Utilizing Virtual Private Network
To secure a wireless network completely, the use of a Virtual Private Network (VPN) seems the best security countermeasure since it remotely monitors the access points. The VPN is a better technique for authenticating unauthorized users who might attempt connecting themselves to the network (Welch & Lathrop, 2003). Thus, the employment of VPN servers is relevant for encrypting the respective communications over several access points.
Despite that, both the WEP and WPA have featured vulnerabilities that cyber-attackers might use to access sensitive information across network security. IEEE has recommended security countermeasures (Tariq, 2011). Specifically, the development of the IEEE wireless network standard as 802.11 ensures that there is full security and privacy coupled with confidentiality via the aid of WPA (PSK). Otherwise, the susceptibility of these wireless networks would have occasioned security threats, leading to Internet attacks. Therefore, the suggestion of proper security countermeasures through users’ training and education has helped minimize cyber-attack cases. Categorically, the users are trained on how to change the default usernames and passwords on network routers and SSID. Moreover, the IEEE has recommended executing a Virtual Private Network (VPN) server as the best security approach for securing the access points against hackers (Tariq, 2011). Overall, the comprehension of countermeasure techniques among the users has aided in avoiding simple hacking through users’ failure to change the default passwords.
Arbaugh, W., Shankar, N., & Wan, Y. C. (2002). Your 802.11 wireless network has no clothes. Wireless Communications, IEEE, 9, 44-51.
Choi, M. K., Robles, R. J., & Kim, T. (2005). Wireless network security: threats, vulnerabilities, and countermeasures. International Journal of Multimedia and Ubiquitous Engineering, 3, 77-86.
Hassan, H. R., & Challal, Y. (2005). Improved WEP: An efficient solution to WEP threats, wireless, and optical communications networks, 2005. WOCN 2005. Second IFIP International Conference, 594-599.
He, C., & Mitchell, J. C. (2005). Security analysis and improvements for IEEE 802.11i. The 12th Annual Network and Distributed System Security Symposium (NDSS’05), 90-110.
Khakurel, S., Tiwary, P.K., Maskey, N., Sachdeva, G. (2010). Security vulnerabilities in IEEE 802.11 and adaptive encryption for good performance. Industrial Electronics & Applications (ISIEA), 2010 IEEE Symposium, 207-210.
Malekzadeh, M., Azim, A., Ghani, A., & Subramaniam, S. (2010). Design of Cyberwar laboratory exercises in the implementation of unique security attacks against IEEE 802.11 Wireless Networks. Journal of Computer Systems, Networks, and Communications, 2010.
Tariq, I. M. (2011). Wireless security and threats. Wireless Networking Technology, 21(3), 717-729.
Welch, D., & Lathrop, S. (2003). Wireless security threat taxonomy. IEEE Workshop on Information Assurance, 76-83.