View
457
Download
4
Category
Tags:
Preview:
DESCRIPTION
Citation preview
Presented by Mr. Nileshkumar R. Jaiswar
Wireless Network Security
Introduction Wireless technologies, in the simplest sense, enable
one or more devices to communicate without physical connections
Wireless NetworksWireless Wide Area Networks (WWAN),
WLANs, and Wireless Personal Area Networks (WPAN). WWAN includes wide coverage area technologies such as 2G cellular, Cellular Digital Packet Data (CDPD), Global System for Mobile Communications (GSM). WLAN, representing wireless local area networks, includes 802.11 and several others.
Wireless Devices Personal Digital Assistants (PDA) Smart Phones Laptops
Wireless Standards IEEE 802.11 (bandwidth up to 2 Mbps) IEEE 802.11b (bandwidth up to 11 Mbps) IEEE 802.11a (bandwidth up to 54 Mbps) IEEE 802.11g (bandwidth up to 54 Mbps) IEEE 802.11n (support data rates of over 100 Mbps)
Wireless Security Threats Potential threats in wireless networks are device
theft, denial of service, malicious hackers, malicious code, theft of service, and industrial and foreign espionage.
Security requirements Authenticity Non repudiation Accountability
IEEE 802.11 Architecture
Security of 802.11 Wireless LANs
Security Features of 802.11 Wireless LANs per the Standard
1. Authentication
2. Confidentiality or privacy
Authentication
Shared-key Authentication
Privacy
Security Requirements and Threats
Passive Attack * Eavesdropping
* Traffic analysis
Active Attack * Masquerading * Replay * Message modification * Denial-of-service
1.Loss of Confidentiality
2.Loss of Integrity
3.Loss of Network Availability
4.Other Security Risks
5.Risk Mitigation
Technical
Countermeasures
Software SolutionsAccess Point Configuration
* Updating default passwords
* Establishing proper encryption settings* Controlling the reset function* Using MAC ACL functionality* Disable broadcast SSID feature
* Changing default channel.* Using DHCP.
Personal Firewalls Resources on public wireless networks have a
higher risk of attack since they generally do not have the same degree of protection as internal resources. Personal firewalls offer some protection against certain attacks. Personal firewalls are software-based solutions that reside on a client's machine
Intrusion Detection System (IDS) An intrusion detection system is an effective
tool for determining whether unauthorized users are attempting to access, have already accessed, or have compromised the network.
Encryption Generally have only two encryption
settings available: 40-bit shared key, and 104-bit setting.
Security Assessments Security assessments, or audits, are an
essential tool for checking the security posture of a WLAN and for determining corrective action to make sure it remains secure.
Hardware Solutions
Hardware countermeasures for mitigating WLAN risks include implementing smart cards, VPNs, PKI, biometrics, and other hardware solutions.
Smart Cards Smart cards may add another level of protection, although they also add another layer of complexity. Agencies can use smart cards in conjunction with username or password
Public Key Infrastructure (PKI)PKI provides the framework and services for the generation, production, distribution, control, and accounting of public key certificates. It provides applications with secure encryption and authentication of network.
BiometricsBiometric devices include fingerprint/palm-print scanners, optical scanners (including retina and iris scanners), facial recognition scanners, and voice recognition scanners. Biometrics provide an added layer of protection.
Advantages :-ConvenienceMobility ExpandabilityCost
Disadvantages:-SecurityRangeReliabilitySpeed
ConclusionIn this case study, we have reviewed wireless network security issues in trust, management, interoperation and measurement and have identified a number of open Critical issues in management of security relationships in public access networks include1.multi-provider authentication
2.protection of incentive information and lightweight key distribution schemes
3.compromised node defense through redundancy and consistency checking and more efficient public-key schemes.
Reference
http://www.bwif.org/http://ipoint-tech.com/http://en.wikipedia.org/wiki/Wi-Fihttp://www.webopedia.com/TERM/W/
Wi_Fi.html
Thank You
Recommended