
1 Communication System Design 2002, KTH
Security And Availability For Wireless Communication
Organization: Post & Telestyrelse: Anders Rafting
Coach: Lars Adolfsson
Co-Coach: Fredrik Lilieblad
Mehdi Ghasemi, Xiaodong Hu, Yvonne Grunnevall

2 Presentation disposition
• Goals
• What is Wireless Security?
• Threats in wireless LAN
• Security implementations in HiperLAN/2, IEEE 802.11a, b and Bluetooth
• IP-Roaming (WVPN)
• OS security
• Conclusion

3 Goals
• Classifying security threats in WLAN
• Security implementation in HiperLAN/2, 802.11 and Bluetooth
• Comparing HiperLAN, 802.11 and Bluetooth with each other
• Seamless IP-Roaming
• Security solutions
• Inventory of terminals on the market

4 What is WLAN Security?

5 Threats in Wireless Communication
1. Passive attacks
2. Active attacks

6 Threats in Wireless Communication: Passive attacks
Eavesdropping (sniffing)
• Very easy in the radio environment.
• If the wireless LAN is inside a building, the eavesdropping could actually occur from an external point.

7 Threats in Wireless Communication: Active attacks
1. Social Engineering
2. Impersonation
3. Exploits
4. Data Driven
5. Transitive Trust
6. Infrastructure
7. Denial of Service
Similar in Wired & Wireless Communication

8 Threats in Wireless Communication: Social Engineering
• Fooling the victim for fun and profit
• Example
1. Please change your password to "fooble"
2. Attacker then logs in as user from our network
3. System bugs exploited to gain complete run of system

9 Threats in Wireless Communication: Impersonation
• Stealing access rights of authorized users
• Example
1. Attacker with network sniffer (tcpdump, nitsniff, etc.) at trade show or network captures complete login session
2. Attacker later logs into system with user-id and stolen password

10 Threats in Wireless Communication: Exploits
• Exploiting a hole in software or operating systems
• Example
1. Attacker sends a message to an invalid recipient that appears to have come from a program invocation

11 Threats in Wireless Communication: Data Driven
• Trojans, trapdoors, viruses
• Example
1. Attacker logs into user's account

12 Threats in Wireless Communication: Transitive Trust
• Attacker fools the mobile host into trusting a base station controlled by the attacker
• Wireless LANs offer an interface to an attacker requiring no physical arrangements

13 Threats in Wireless Communication: Infrastructure
• Taking advantage of protocol or infrastructure features or bugs
• Infrastructure attacks are based on weaknesses in the system: software bugs, configuration mistakes, hardware failures, etc.
• Similar to problems in wired LANs.
• Protection against this type of attack is nearly impossible. Efforts should be made to minimize potential damage.

14 Threats in Wireless Communication: Denial of Service
• Preventing system from being used
• As a result of the nature of radio transmissions, wireless LANs are very vulnerable to DoS attacks
• With a powerful enough transceiver, an attacker can easily generate enough interference to jam communications

15 Security Implementation in
• IEEE 802.11
• HiperLAN
• Bluetooth

16 802.11: Wired Equivalent Privacy (WEP)
• Designed to be computationally efficient, self-synchronizing and exportable
• All users of a given access point share the same encryption key
• Shared key authentication
• Vulnerable to attack
• Data headers remain unencrypted so anyone can see the source and destination of the data stream

17 802.11: Service Set ID (SSID)
• SSID is the network name for a wireless network
• Can be required to specifically request the access point by name (lets SSID act as a password)
• The more people that know the SSID, the higher the risk of misuse
• Changing the SSID requires communicating the change to all users of the network

18 802.11: MAC Address
• Can control access by allowing only defined MAC addresses to connect to the network
• Must compile, maintain, and distribute a list of valid MAC addresses to each access point
• This address can be spoofed
• Not a valid solution for public applications

19 Bluetooth
• Three security modes
1. Non-secure
2. Link level security, four entities
3. Service level security, three security levels

20 HiperLAN/2
• Authentication
• Pre-shared key
• Public key
• Encryption

21 Comparison between the standards
Feature | 802.11a | 802.11b | HiperLAN/2
Access | CSMA/CA | CSMA/CA | Centralized TDMA
Connection | Connectionless | Connectionless | Connection oriented
Network support | Support for 802.2 based network | Support for 802.2 based network | Support for multiple core network
Encryption | 40-bit RC4 | 40-bit RC4 | DES, 3DES
Security | Authentication, encryption and WEP (and OFDM) | Authentication, encryption and WEP | Defines two IDs of communicating nodes uniquely identifying any stations to accomplish security

22 Interoperability
• 802.11a and 802.11b work on different frequencies, so they can coexist in one network
• Interference between 802.11b and Bluetooth (near each other)
• HiperLAN/2 is not interoperable with 802.11a or 802.11b

23 Wireless VPN
• Security and seamless IP-Roaming
• IP Mobility
• Session Mobility

24 IP Mobility

25 Session Mobility

26 OS Security

27 Windows Security

28 Unix security

29 Conclusion
• Wireless LANs very useful and convenient, but current security state not ideal for sensitive environments.
• Growing use and popularity require increased focus on security
• Cannot forget client security
• Strong end user security policies and configurations
• The nature of the radio communication makes it practically impossible to prevent some attacks, like denial of service using radio interference
• Firewalls
• Wireless VPN

30 Questions?

31 What is WLAN (Wireless Local Area Network)?

32 HiperLAN/2, IEEE 802.11 and Bluetooth

33 IP-Roaming

34 802.11
• 2.4 GHz operating frequency
• 1 to 2 Mbps throughput
• Can choose between frequency hopping or direct sequence spread modulation

35 802.11a
• Operates in 5 GHz band (less RF interference than 2.4 GHz range)
• Uses Orthogonal Frequency Division Multiplexing (OFDM)
• Supports data rates up to 54 Mbps
• Currently no products available, expected in fourth quarter

36 802.11b
• Operates in 2.4 GHz band
• Data rates can be as high as 11 Mbps
• Only direct sequence modulation is specified
• Most widely deployed today

37 HiperLAN/2
• Development led by the European Telecommunications Standards Institute (ETSI)
• Operates in the 5 GHz range, uses OFDM technology, and supports data rates over 50 Mbps like 802.11a
• QoS

38 VPN (Virtual Private Network)
• Provides a scalable authentication and encryption solution
• Does require end user configuration and a strong knowledge of VPN technology
• Users must re-authenticate if roaming between VPN servers

39 WEP Encapsulation
WEP Encapsulation Summary:
• Encryption Algorithm = RC4
• Per-packet encryption key = 24-bit IV concatenated to a pre-shared key
• WEP allows IV to be reused with any frame
• Data integrity provided by CRC-32 of the plaintext data (the "ICV")
• Data and ICV are encrypted under the per-packet encryption key
[Figure: Encapsulate turns "802.11 Hdr | Data" into "802.11 Hdr | IV | Data | ICV"; Decapsulate reverses it]
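
The encapsulation summarised on this slide, as an added Python example that is not part of the original presentation. The key, IVs and payloads are constructed sample values, the function names are this example's own, and the 802.11 header and key-ID byte are left out; reused_ivs() flags frames that share an IV and therefore the same RC4 keystream.

```python
import struct
import zlib
from collections import Counter

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then XOR data with the generated keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def icv_of(data: bytes) -> bytes:
    """ICV = CRC-32 of the plaintext data, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def encapsulate(iv: bytes, psk: bytes, data: bytes) -> bytes:
    """Return IV || RC4(IV || PSK, data || ICV); the IV travels in the clear."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return iv + rc4(iv + psk, data + icv_of(data))

def decapsulate(psk: bytes, frame: bytes) -> bytes:
    """Rebuild the per-packet key from the frame's IV, decrypt, verify the ICV."""
    iv, body = frame[:3], frame[3:]
    plain = rc4(iv + psk, body)
    data, icv = plain[:-4], plain[-4:]
    if icv_of(data) != icv:
        raise ValueError("ICV mismatch")
    return data

def reused_ivs(frames):
    """Return IVs seen on more than one frame (same IV means same keystream)."""
    counts = Counter(frame[:3] for frame in frames)
    return sorted(iv for iv, n in counts.items() if n > 1)

# Constructed sample values, not taken from the presentation.
PSK = bytes.fromhex("0102030405")  # 40-bit pre-shared key
FRAMES = [
    encapsulate(b"\x00\x00\x01", PSK, b"first payload"),
    encapsulate(b"\x00\x00\x02", PSK, b"second payload"),
    encapsulate(b"\x00\x00\x01", PSK, b"third payload"),  # IV repeated
]
```

Because every station shares the pre-shared key and the IV is only 24 bits, repeated IVs are unavoidable on a busy network, which is one reason the slides list WEP as vulnerable.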

40 Difference between HiperLAN/2 and 802.11
• Higher efficiency with regard to throughput
• Main difference is at MAC-layer
• Can be used in various core network environments

41 Vulnerability

