WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

Slides:



Advertisements
Similar presentations
BZUPAGES.COM BSIT BZUPAGES.COM BSIT ON.
Advertisements

Security in Wireless Networks Juan Camilo Quintero D
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
DIMACS Nov 3 - 4, 2004 WIRELESS SECURITY AND ROAMING OVERVIEW DIMACS November 3-4, 2004 Workshop: Mobile and Wireless Security Workshop: Mobile and Wireless.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
15 November Wireless Security Issues Cheyenne Hollow Horn SFS Presentation 2004.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
1 Wireless LAN Security Kim W. Tracy NEIU, University Computing
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University
WLAN What is WLAN? Physical vs. Wireless LAN
Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,
Mobile and Wireless Communication Security By Jason Gratto.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
A History of WEP The Ups and Downs of Wireless Security.
Version Slide 1 Format of lecture Introduction to Wireless Wireless standards Applications Hardware devices Performance issues Security issues.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
Wireless Insecurity By: No’eau Kamakani Robert Whitmire.
Lecture 11 Wireless security
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Guided by: Jenela Prajapati Presented by: (08bec039) Nikhlesh khatra.
Securing your wireless LAN Paul DeBeasi VP Marketing
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
WLAN Security Issues, technologies, and alternative solutions Hosam M. Badreldin Western Illinois University December 2011 Hosam Badreldin – Fall 2011.
WEP Protocol Weaknesses and Vulnerabilities
WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.
Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.
WEP, WPA, and EAP Drew Kalina. Overview  Wired Equivalent Privacy (WEP)  Wi-Fi Protected Access (WPA)  Extensible Authentication Protocol (EAP)
Wireless Networking & Security Greg Stabler Spencer Smith.
Wi-Fi Technology.
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Lecture 24 Wireless Network Security
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
BZUpages.com “In the name of ALLAH, most Beneficent and Merciful”
Wireless security Wi–Fi (802.11) Security
Wireless Networks Standards and Protocols & x Standards and x refers to a family of specifications developed by the IEEE for.
Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.
IEEE Security Specifically WEP, WPA, and WPA2 Brett Boge, Presenter CS 450/650 University of Nevada, Reno.
Cisco Discovery Home and Small Business Networking Chapter 7 – Wireless Networking Jeopardy Review v1.1 Darren Shaver Kubasaki High School – Okinawa,
Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.
By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.
EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?
Wireless Security - Encryption Joel Jaeggli For AIT Wireless and Security Workshop.
Wireless LAN Security 4.3 Wireless LAN Security.
Wi-Fi Technology.
IEEE i Dohwan Kim.
Wi-Fi Technology By : Pranav Mandora Rikin Mistry LDRP-EC.
Presentation transcript:

WiFi Security

What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests Currently Wi-Fi means wireless networks in general Wireless networks are usually based on the IEEE standards. –802.11b2.4Ghz, 11Mbps –802.11g2.4Ghz, 54 Mbps

Wireless networking 2 different network modes –Ad-hoc –Infrastructure Medium is shared to channels In infrastruce mode, everything goes through the access point Before data can be transmitted, the access point and the client must establish a connection –Authentication and association

Security Threats Wireless technology doesn’t remove any old security issues, but introduces new ones –Viruses, Trojans and stuff like that are still there –Eavesdropping –Man-in-the-middle attacks –Denial of Service

Eavesdropping Easy to perform, almost impossible to detect By default, everything is transmitted in clear text –Usernames, passwords, content... –No security offered by the transmission medium Different tools available on the internet –Network sniffers, protocol analysers... –Password collectors With the right equipment, it’s possible to eavesdrop traffic from few kilometers away

Man in the middle attacks Allows data analysis and manipulation –Tools available on the internet Can target secure higher level protocols MITM attacks are also possible in wired networks In a MITM attack, the attacker funnels victim’s traffic through a point controlled by the attacker

Man in the middle attacks The attacker can terminate victim’s SSL/TSL session at her host and reconnect to the actual site. This allows the attacker to see everything in clear text

Wireless MITM Attack 1.Attacker spoofes a disassociate message from the victim 2.The victim starts to look for a new access point, and the attacker advertises his own AP on a different channel, using the real AP’s MAC address 3.The attacker connects to the real AP using victim’s MAC address

Denial of Service Frequency jamming –Not very technical, but works Spoofed deauthentication / disassociation messages –can target one specific user Attacks on higher levels –SYN Flooding –Ping of death –...

Wi-Fi Security Techniques At the moment –Wired Equivalent Privacy (WEP) –802.1X Access Control –Wireless Protected Access (WPA) In the future –802.11i

Wired Equivalent Privacy (WEP) Original security solution offered by the IEEE standard Uses RC4 encryption with pre-shared keys and 24 bit initialization vectors Flawed design, easily broken –IV reuse causes problems –Tools to break WEP available on the internet Offers very little security at all

802.1x Access Control Designed as a general purpose network access control mechanism –Not Wi-Fi specific Access to network is controlled by switches (Access points in the Wi-Fi domain) User management with RADIUS –Extensible Authentication Protocol (EAP) used in authentication process –Authentication is done with the RADIUS server, which ”tells” the access point whether access to controlled ports should be allowed or not Doesn’t affect data transmissions, only authentication messages are encrypted if used EAP method is encrypting

802.1x Access Control

Wireless Protected Access (WPA) 802.1x Access Control –Pre-shared key setup available for SOHO environments TKIP (Temporal Key Integrity Protocol) encryption –RC4, dynamic encryption keys (session based) 48 bit IV, key mixing function –Fixes all issues found from WEP Uses Message Integrity Code (MIC) Michael –Ensures data integrity Old hardware should be upgradeable to WPA

WPA and Security Threats Data is encrypted –Protection against eavesdropping and man-in- the-middle attacks Denial of Service –As a security precaution, if WPA equipment sees two packets with invalid MICs within a second, it disassociates all its clients, and stops all activity for a minute –Only two packets a minute enough to completely stop a wireless network

802.11i WPA and the IEEE i share features –TKIP, the use of 802.1x for access control Standard is not yet ready, ratification is expected Q1/2004 Will require new hardware –AES used for encryption...

Conclusions The are various risks affecting the wireless user Good Wi-Fi security technologies exist, but they are not used –According to some studies, only 40 % of wireless networks use WEP –Therefore, it is important to understund the risks Higher level security protocols should be used when possible –After all, users have little control on technologies used in networks they use

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.