WIRELESS NETWORK SECURITY THREATS

FITSUM R. LAKEW

Graduate School of Management and Technology

Information Technology (MS): Information Assurance Specialization

UNIVERSITY OF MARYLAND UNIVERSITY COLLEGE

August 15, 2010

Outline

Abstract
1. Introduction
2. Wireless Vulnerabilities, Threats and Countermeasures
2.1 Network Security Threats
2.1.1 Accidental Association
2.1.2 Malicious Associations
2.1.3 Passive Eavesdropping
2.1.4 Ad-hoc Networks
2.1.5 MAC Spoofing (Identity Theft)
2.1.6 Man-in-the-middle Attacks
2.1.7 Denial of Service
3. Consequences of Poor Wireless Network Security
4. Effective Strategies for Improving Wireless Network Security
4.1 Wireless Security Strategies
4.1.1 Static IP Address
4.1.2 Password Change
4.1.3 MAC Filtering
4.1.4 Encryption
4.1.5 Use of Anti-virus and Firewalls
4.1.6 Educating Users
4.2 Network Auditing
5. Conclusion

Wireless Network Security Threats

Abstract

The growth of information technology has made wireless networking one of the most important tools of communication. Business people and home users have turned to wireless technology as a way of communicating with business partners and friends, because wireless networking is easily accessible, inexpensive and easy to use. For example, the emergence of new technologies has created hot spots where on-the-go laptop users can access the internet anywhere, be it in shops, homes, schools, airports or workplaces. However, for all the advantages associated with wireless networks, the presence of security threats is inevitable. In recent years, wireless networks have encountered security threats that pose a risk to information privacy. These threats are dangerous to business opportunities and to the general lives of wireless technology users, and they have forced information technology experts to put into operation technological solutions aimed at curtailing wireless security threats and vulnerabilities. The probability of overcoming these threats is high simply because wireless security is principally a management dilemma. Nevertheless, in order to control wireless security risks, experts must assess the associated risks and look for ways of mitigating them. The paper examines various wireless network security threats within a certain environment and provides solutions for eliminating them (Gast, 2005, pp. 1-12).

1. Introduction

Wireless security is a way of thwarting unauthorized entry into, or destruction of, computers through wireless networks. Today, many persons and organizations use wireless networks to manage their interests. Interconnected computers and laptops fitted with wireless cards face many security risks, which compromise the privacy of stored data. For instance, computer hackers have come up with mechanisms for breaking into wireless networks with great ease. Interestingly, these hackers deploy wireless technologies to break into wired networks and commit offences. This is why organizations and individuals using wireless networks must look for ways of controlling unauthorized entry into the private and vital resources available on wireless networks. Wireless technology users continue to suffer as wireless security threats keep increasing and becoming more common. Moreover, the ignorance of wireless network users has also prompted unauthorized access to wireless networks. For example, when information technology experts introduced wireless networking, security threats seemed fewer, as the technology was applied only in big organizations and offices. However, as time went by, individuals started using it. Consequently, it became possible for crackers to find ways of accessing resources from wireless networks (Ross, 2008, pp. 3-13).

In most cases, these security threats are associated with wireless protocols, encryption, and the recklessness and unawareness of computer users at either the individual or the commercial information technology level. On a rather worrying note, some of the cracking methods that breach network security appear more complicated, and with the availability of Windows and Linux tools, crackers find it easy to mount attacks on wireless networks. To start with, we need to look again at the advantages of wireless networks, both to legitimate users and to crackers or hackers. Primarily, wireless networks offer many advantages to legitimate users. For example, they are cost efficient, convenient, produce expected results, are easy to deploy and expand, and, finally, are easy to integrate with other networks. Nevertheless, concerns such as security, range of operation, dependability and network speed appear to limit their applications. With these worrying issues, nobody is able to predict the efficiency and security of wireless networks. In addition, unofficial access points, broadcast SSIDs, and unknown MAC addresses remain paramount security threats. However, with Wireless Local Area Network troubleshooting tools like Fluke, Network General and Network Instruments, wireless network users can eliminate or avoid security threats (Min-kyu, Robles, Hong, & Kim, 2008, p. 78).

2. Wireless Vulnerabilities, Threats and Countermeasures

A typical wireless network is composed of three fundamental components and the user, who in effect becomes the fourth component. The first component is radio frequency, which helps in the transmission of information from one point to another. Secondly, there are access points for connecting with other networks. The third component is, of course, IT devices (client devices) such as desktop computers, laptop computers and PDAs. Network threats target these components and thereby compromise network security aims such as confidentiality, integrity and accessibility.

2.1 Network Security Threats

2.1.1 Accidental Association

Unauthorized entry into wireless networks occurs in different ways. Although many of them are intentional, one is accidental. Accidental association is a wireless network security breach that exposes a company’s confidential, proprietary information to outsiders. In most cases, this happens between two nearby wireless networks: a user can turn on a client device only to find overlapping data that belongs to the neighbor. This kind of security breach, sometimes known as mis-association, is mostly accidental, but in rare cases it can be deliberate, especially when an attacker aims to connect a personal computer to the neighboring wireless network’s access points (APs).

2.1.2 Malicious Associations

This particular wireless network security threat is intentional: the attacker aims to obtain information from a particular wireless network. Accessing such information requires components such as wireless devices and cracking laptops. The cracking laptop acts as an access point, while the wireless device links the cracking laptop and the wireless network. One characteristic of these cracking laptops (soft access points) is that they closely resemble the targeted access points. Consequently, when an attacker inserts a wireless network card, the system unlocks and somebody can now access any data. After such a successful unlawful entry, the cracker can access passwords, instigate new network hitches, or deposit viruses and trojans into the network. Perhaps one advantage associated with wireless networks is that they operate at layer 2 and layer 3. Thus, the available security protection mechanisms, which include network authentication and virtual private networks (VPNs), cannot control malicious association. On the other hand, research shows that, although wireless 802.1x authentication was previously believed by many to be secure, crackers can as of now still enter a wireless network. However, in wireless networks safeguarded by wireless 802.1x authentication, crackers tend to target Layer 2 networks rather than virtual private networks (VPNs), because Layer 2 is easier to crack than VPNs (Kelley, 2003, pp. 60-69).

2.1.3 Passive Eavesdropping

This is another wireless network security threat, in which an attacker scrutinizes every session happening within the wireless network. In most cases, the attackers target the payload in order to get private information. The payload contains very sensitive plaintext information, which an attacker can access by breaking the encryption. In fact, this type of security threat is simple in that attackers need only access to the transmission. For instance, using a directional antenna, crackers are able to detect wireless transmissions (802.1) even from miles away. This makes the wireless network more vulnerable to attack, as one cannot physically control the detection of transmissions. Most users believe that deploying a wireless network includes configuring the access points with encryption. Nonetheless, this is not the case, as the majority of wireless network APs contain many vulnerabilities, such as those of wired equivalent privacy (WEP) and the 802.11 wireless security standards. Through passive eavesdropping, an attacker can obtain transmitted data and also use other means to examine the packets of data transmitted in a particular session. Furthermore, attackers can use a directional antenna to determine the source, destination, size and timing of transmissions. Thus, it is very clear that transmissions can compromise data privacy by inviting attacks (Welch, 2003, pp. 2-3).

2.1.4 Ad-hoc Networks

These networks can carry wireless security threats and allow unlawful data access. Experts create ad-hoc networks by connecting wireless computers without necessarily using access points. Thus, it is clear that these wireless networks lack efficient protection. Nevertheless, when building such networks, experts tend to deploy encryption methods as security measures. Through ad-hoc networking, experts create a security hole while believing that it will offer the necessary security and prevent any intended malice. However, these experts do not understand that within a corporate environment, some versions of the Microsoft Windows operating system have a security weakness that can allow easy access to data. This can be a challenge to many users, who are not in a position to identify an unsecured ad-hoc network within the computer’s operating system. The scenario is even worse when a user uses the same ad-hoc network computer on a wired network, because a viaduct (bridge) forms linking the corporate network with an unsecured ad-hoc connection, which creates vulnerable access points. A viaduct can be either direct or indirect. The direct viaduct occurs when users join two access points, while an indirect bridge or viaduct occurs when many computers draw resources from the server. Of the two, the indirect bridge or viaduct appears less secure than the direct one. Firstly, individual or corporate data handled through supposedly secure wired networks can appear on an attacker’s end node computer drive and then be retrieved through an unsecured ad-hoc network. Secondly, viruses or trojans exposed to a particular wireless network through an unsecured ad-hoc connection can create a pathway to private data, and hence a security threat. Notably, this type of security threat does not require password cracking, as crackers can introduce malicious code into an unsuspecting user’s end node and thereby access information through an ad-hoc network (Welch, 2003, pp. 2-6).

2.1.5 MAC Spoofing (Identity Theft)

This threat is a bit complicated in that crackers build devices that enable them to eavesdrop on network traffic and thereby make out the MAC address of a computer that has network privileges. Although most wireless networks feature MAC filtering, which is, ideally, a security practice that allows wireless network access only to authorized MAC IDs, research shows that crackers can develop software programs with “sniffing” capabilities and hence obtain supposedly secure addresses such as MAC addresses. Perhaps the only scenario where MAC filtering appears protective is when users operate small residential (SOHO) networks. This is because under SOHO networks, wireless devices are “off the air”, making it hard to detect MAC addresses. However, with bigger wireless networks, the 802.11 wireless devices are evidently “on the air”. The disadvantage associated with such networks is that when the 802.11 device is “on the air”, it carries its unencrypted MAC address right in the header, and with simple software programs or equipment, crackers can obtain the MAC address. For instance, the combination of a freeware wireless packet analyzer with 802.11 wireless receivers such as laptops and wireless adapters can enable someone to retrieve the MAC address of transmitting wireless networks, provided, of course, they are within 802.11 range. Thus, it is very clear that MAC filtering does not offer as much security to transmitting networks as users perceive (Min-kyu, Robles, Hong, & Kim, 2008, pp. 84-87).

2.1.6 Man-in-the-middle Attacks

Research shows that crackers targeting wireless networks find it easier to obtain private information at Layer 2 and Layer 3. This is because at this stage encryption dominates in the transmitted packets, making it easier to access header information at the second (data link) or third layer. Nevertheless, if a user deploys virtual private networks (VPNs) or IPsec security, the probability of accessing header information lessens. With the man-in-the-middle attack, unauthorized persons can obtain confidential information from a session or sometimes alter the transmitted packets, which then compromises the integrity of that session. For example, during a wireless network session, a cracker may read and even modify the contents of the original data before the receiver gets it. However, it is not clear to many how this happens. To start with, a cracker committing a man-in-the-middle attack breaks the session in order to detach the connection existing between the target and the access points (APs). After successfully detaching the two, the cracker connects the actual APs to a wireless card. The wireless card then directs the flow of data from the wireless network to the hacker’s retrieving device. Secondly, the cracker can use wireless equipment to break the wireless network at the access points. Consequently, the encrypted tunnel will exhibit vulnerabilities and make private data access easier.

(Welch, 2003, p.3)

2.1.7 Denial of Service

This is another type of wireless security threat, in which the attacker repeatedly barrages the targeted wireless network or access points (APs) with spurious requests, intriguing wireless network link communications, stoppage instructions and data. Since the network is not used to these new messages and commands, the access points disassociate the network, revealing encryption. On a more worrying note, the system can lock out the legitimate user and sometimes crash. Additionally, denial of service attacks aim to break network protocols like the Extensible Authentication Protocol (EAP) in order to access private data. However, this type of security threat is ineffective to a large extent, as the attacker cannot access the real individual or corporate data. The interrupted wireless network cannot offload data to any wireless device, and in most cases the network crashes after the interruption.

Consequently, many users might wonder why anyone would perform a denial of service attack if the attacker cannot access organizational data. Nevertheless, there is a reason why malicious attackers decide to carry out this threat. After a successful denial of service attack, the wireless network locks or crashes. This is when the malicious attackers take their time to monitor its recovery. As the network recovers, some data, which includes codes, passwords and IDs, can be re-transmitted to other wireless devices. Later on, the crackers will use these together with cracking tools in order to make an unlawful entry into the wireless network. Research shows that weakly encrypted wireless networks, such as those using wired equivalent privacy (WEP), are the most affected due to the numerous tools that target it (Min-kyu, Robles, Hong, & Kim, 2008, pp. 80-85).
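
The flood of association-ending messages described above can be spotted from a monitoring sensor by counting them per access point in a sliding time window. The following sketch is an added example, not part of the original paper; it assumes the sensor already reports each management frame as a (timestamp, subtype, BSSID) record, and the threshold, window and addresses are constructed illustrative values.

```python
from collections import defaultdict, deque

# 802.11 management-frame subtypes that end an association.
DISASSOCIATION, DEAUTHENTICATION = 10, 12
PROBE_REQUEST = 4  # ordinary background traffic, ignored by the detector


def detect_teardown_floods(events, window_ms=1000, threshold=10):
    """Return [(bssid, first_alert_ms, peak_frames_in_window)] per flooded AP.

    events: iterable of (timestamp_ms, subtype, bssid) tuples.
    An AP is reported once `threshold` teardown frames that name it
    fall inside one sliding window of `window_ms` milliseconds.
    """
    recent = defaultdict(deque)   # bssid -> timestamps still in the window
    first_alert = {}              # bssid -> time the threshold was first hit
    peak = defaultdict(int)       # bssid -> largest window population seen

    for ts, subtype, bssid in sorted(events):
        if subtype not in (DISASSOCIATION, DEAUTHENTICATION):
            continue
        window = recent[bssid]
        window.append(ts)
        # Drop frames that have aged out of the window.
        while ts - window[0] >= window_ms:
            window.popleft()
        peak[bssid] = max(peak[bssid], len(window))
        if len(window) >= threshold and bssid not in first_alert:
            first_alert[bssid] = ts

    return [(b, first_alert[b], peak[b]) for b in sorted(first_alert)]


# Constructed sample input: AP_A sees a few teardown frames spread over
# more than a minute (normal roaming); AP_B receives 40 in two seconds.
AP_A = "02:aa:00:00:00:01"
AP_B = "02:aa:00:00:00:02"
SAMPLE_EVENTS = (
    [
        (5_000, DEAUTHENTICATION, AP_A),
        (35_000, DISASSOCIATION, AP_A),
        (80_000, DEAUTHENTICATION, AP_A),
        (20_000, PROBE_REQUEST, AP_B),
    ]
    + [(100_000 + 50 * i, DEAUTHENTICATION, AP_B) for i in range(40)]
)

if __name__ == "__main__":
    for bssid, when, peak_count in detect_teardown_floods(SAMPLE_EVENTS):
        print(f"{bssid}: flood first seen at {when} ms, peak {peak_count}/s")
```

The threshold has to be tuned against the site's normal roaming rate; a busy AP legitimately sends a few such frames per minute.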

3. Consequences of Poor Wireless Network Security

Wireless networks are characterized by portability and productivity, and this is the main reason why many people use them at home or at the organizational level. In addition, wireless network connections do not use cables but instead involve connecting an AP or a router to a client device. Nevertheless, with this open connectivity, the probability of attack is high. Thus, meager security standards, together with undeveloped technologies, defective implementations and ignorance, are some of the factors that lead to the construction of an unsecure wireless network. With these factors dominating the deployment of an unsecure wireless network, hackers and crackers find it easier to make unauthorized entries through the communication medium. Consequently, poor network security leads to the compromise of data and other resources in terms of reliability, accessibility and confidentiality. Organizational resources such as fiscal statements, individual data and intellectual information that are sensitive and not meant for the public should receive maximum security to preserve their confidentiality. In most cases, compromise happens when the encryption and security mechanisms within a wireless network are weak or vulnerable. An intruder can alter, destroy or delete stored data in a wireless network when the system exhibits defects in the data-synchronization routines that link wireless network users and the back-end storage. In addition, security threats such as denial of service can enable crackers to use network bandwidth for their own selfish interests. Other consequences associated with poor wireless network security include resource theft, such as consumption of disk space and bandwidth, piracy, and downloading pornographic materials and entertainment literature via stolen airwaves. Some people can take advantage of poorly secured wireless networks to steal information that is wanted somewhere else (Krishnamurthy, Joseph, & Tanapat, 2002, pp. 157-166).

4. Effective Strategies for Improving Wireless Network Security

In most cases, the nature of a wireless network in terms of construction and deployment determines whether the network is prone to security threats such as interception, disruption and alteration. However, experts have come up with various ways of eliminating network threats. For example, eavesdropping, which is very common in almost all wireless networks, can be controlled in two major ways. The first is, of course, creating a difficult environment for locating and intercepting wireless signals. Secondly, users can use encryption to safeguard privacy even in situations where crackers intercept the network. Two years ago, experts came up with a Wireless Intrusion Prevention System (WIPS), which is able to thwart all intended security threats. Today, most organizations use this system to protect their wireless networks against security threats.

4.1 Wireless Security Strategies

4.1.1 Static IP Address

Most hackers access network data through an IP address. It is therefore paramount to look for ways of preventing this. For example, users can disable their IP address function from the server whenever the system is not running. This will lower the chances of failed messages, trial keys and rogue passwords being logged into the network. In addition, deploying access point firewalls can help in blocking an unused IP address and retain network confidentiality. Users can also decrease the size of a particular subnet to reduce the chances of attack. This is useful in discouraging man-in-the-middle threats (Skoudis, 2002, p. 351).

Session Attack: (Welch, 2003, p.7)

4.1.2 Password Change

Wireless devices come with default passwords. If users fail to change such passwords, crackers can capitalize on this and enter the wireless network. Thus, it is advisable to change the default passwords of wireless devices in order to minimize security threats. In addition, users should choose unique passwords that include non-alphanumeric characters to make the network more secure.

4.1.3 MAC Filtering

When deploying wireless networks, engineers must set up MAC identification filtering as a security strategy. This allows only authorized users, identified by their MAC IDs, to gain entry into the network and minimizes accidental associations. However, users should not rest assured, because crackers can fake MAC IDs and access their networks.
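
Sections 2.1.5 and 4.1.3 both rest on the fact that the 802.11 header carries MAC addresses unencrypted. The sketch below is an added example, not part of the original paper: it parses the fixed 24-byte header of constructed, encryption-flagged data frames to show the transmitter address is still readable, then applies a sequence-number gap heuristic that monitoring tools can use to notice two radios sharing one MAC address. All addresses, function names and the gap limit are hypothetical.

```python
import struct


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def parse_header(frame: bytes) -> dict:
    """Parse the fixed 24-byte header of an 802.11 data or management frame."""
    if len(frame) < 24:
        raise ValueError("too short for a 24-byte 802.11 header")
    frame_control, _duration = struct.unpack_from("<HH", frame, 0)
    frame_type = (frame_control >> 2) & 0x3
    if frame_type == 1:
        raise ValueError("control frames use a shorter header")
    (seq_ctl,) = struct.unpack_from("<H", frame, 22)
    return {
        "type": frame_type,
        "protected": bool(frame_control & 0x4000),  # payload is encrypted
        "receiver": mac_str(frame[4:10]),           # Address 1
        "transmitter": mac_str(frame[10:16]),       # Address 2
        "seq": seq_ctl >> 4,                        # low 4 bits = fragment no.
    }


def build_data_frame(transmitter, receiver, seq, payload=b"\x00" * 16):
    """Constructed sample input: a protected data frame, station to AP."""
    frame_control = 0x0008 | 0x0100 | 0x4000  # type=data, ToDS, Protected
    header = struct.pack("<HH", frame_control, 0)
    header += mac_bytes(receiver) + mac_bytes(transmitter) + mac_bytes(receiver)
    header += struct.pack("<H", (seq & 0x0FFF) << 4)
    return header + payload


def find_sequence_anomalies(frames, max_gap=64):
    """Flag jumps in the 12-bit sequence counter of a single transmitter.

    One radio increments its counter by one per frame (modulo 4096), so a
    large jump suggests a second device is using the same MAC address.
    Returns [(transmitter, previous_seq, seq)]. This is a heuristic.
    """
    last_seq, anomalies = {}, []
    for raw in frames:
        hdr = parse_header(raw)
        tx, seq = hdr["transmitter"], hdr["seq"]
        if tx in last_seq and (seq - last_seq[tx]) % 4096 > max_gap:
            anomalies.append((tx, last_seq[tx], seq))
        last_seq[tx] = seq
    return anomalies


# Constructed capture: one station counts 4094, 4095, 0, 1, 2, 3 (a normal
# wrap-around) while a second device reusing its MAC sends 2050 and 2051.
STATION = "02:00:00:00:00:0a"
ACCESS_POINT = "02:00:00:00:00:01"
SAMPLE_FRAMES = [
    build_data_frame(STATION, ACCESS_POINT, seq)
    for seq in (4094, 4095, 0, 1, 2050, 2051, 2, 3)
]

if __name__ == "__main__":
    print(parse_header(SAMPLE_FRAMES[0]))
    print(find_sequence_anomalies(SAMPLE_FRAMES))
```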

4.1.4 Encryption

So far, this has proved to be the most effective way of discouraging wireless network security threats. An encrypted system can show and report some of the threats targeting the system. Luckily, most wireless devices such as APs, caller devices and base stations come with built-in encryption systems, and the user needs only to turn them on to protect the network (Krishnamurthy, Joseph, & Tanapat, 2002, pp. 160-165).

4.1.5 Use of Anti-virus and Firewalls

Some networks collapse due to invasion by trojans and viruses. Just like computers connected to the internet, wireless network computers can also catch malware, trojans and viruses. Thus, it is advisable to install anti-malware programs on all wireless network computers and update them periodically in order to offer protection.

4.1.6 Educating Users

As one constituent of wireless networking, users ought to understand how to protect their wireless systems. Thus, it is imperative to train them on the security measures to undertake in order to protect their wireless systems. Most hackers and crackers find their way into other people’s wireless networks due to the ignorance of users. Thus, if experts equip these users with strategies for eliminating threats, wireless networks will remain secure.

4.2 Network Auditing

Through auditing, users can identify rogue hardware, disjointed access points and wireless functions. This is vital for weak systems such as WEP, as tools like Airsnort can correct any existing network anomaly (Skoudis, 2002, pp. 352-359).
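
An audit of this kind can be partly automated by comparing a wireless scan against an inventory of approved access points. The sketch below is an added example, not part of the original paper. It flags the soft access points of section 2.1.2, the ad-hoc networks of section 2.1.4, weak encryption and neighbouring networks; the scan record layout, finding names, SSIDs and addresses are all constructed for illustration.

```python
# Constructed inventory of approved access points: BSSID -> expected settings.
AUTHORIZED_APS = {
    "02:aa:00:00:00:01": {"ssid": "corp-wlan", "security": "WPA2"},
    "02:aa:00:00:00:02": {"ssid": "corp-wlan", "security": "WPA2"},
}

WEAK_SECURITY = {"OPEN", "WEP"}

# Constructed scan results, as a site survey tool might export them.
SAMPLE_SCAN = [
    {"ssid": "corp-wlan", "bssid": "02:aa:00:00:00:01",
     "mode": "infrastructure", "security": "WPA2"},
    {"ssid": "corp-wlan", "bssid": "02:aa:00:00:00:02",
     "mode": "infrastructure", "security": "WEP"},
    {"ssid": "corp-wlan", "bssid": "02:bb:00:00:00:99",
     "mode": "infrastructure", "security": "OPEN"},
    {"ssid": "printer-setup", "bssid": "02:cc:00:00:00:07",
     "mode": "adhoc", "security": "OPEN"},
    {"ssid": "cafe-next-door", "bssid": "02:dd:00:00:00:10",
     "mode": "infrastructure", "security": "WPA2"},
]


def audit_scan(scan, inventory):
    """Compare scan results with the inventory; return [(bssid, finding)].

    Findings:
      ADHOC_NETWORK              peer-to-peer network with no access point
      UNKNOWN_AP_USING_OUR_SSID  unapproved radio announcing an approved SSID
      NEIGHBOUR_NETWORK          unrelated network within range
      CONFIG_DRIFT               approved AP whose settings differ from record
      WEAK_ENCRYPTION            approved AP running open or WEP
    """
    known_ssids = {ap["ssid"] for ap in inventory.values()}
    findings = []
    for net in scan:
        bssid = net["bssid"].lower()
        expected = inventory.get(bssid)
        if net["mode"] == "adhoc":
            findings.append((bssid, "ADHOC_NETWORK"))
        elif expected is None and net["ssid"] in known_ssids:
            findings.append((bssid, "UNKNOWN_AP_USING_OUR_SSID"))
        elif expected is None:
            findings.append((bssid, "NEIGHBOUR_NETWORK"))
        elif (net["ssid"] != expected["ssid"]
              or net["security"] != expected["security"]):
            findings.append((bssid, "CONFIG_DRIFT"))
        if expected is not None and net["security"] in WEAK_SECURITY:
            findings.append((bssid, "WEAK_ENCRYPTION"))
    return findings


def needs_action(findings):
    """Findings an administrator should follow up; neighbours are only noted."""
    return [f for f in findings if f[1] != "NEIGHBOUR_NETWORK"]


if __name__ == "__main__":
    for bssid, finding in audit_scan(SAMPLE_SCAN, AUTHORIZED_APS):
        print(f"{bssid}  {finding}")
```

Because a BSSID can be copied, a match against the inventory shows only that nothing unexpected was announced, not that the radio is genuine.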

5. Conclusion

Wireless networks are associated with many advantages, such as increased productivity and reduced operating costs. Through wireless networks, business opportunities have improved greatly. Today, millions of people work as information technology staff all over the world courtesy of wireless networks. However, with all these numerous benefits, wireless networks encounter deliberate and accidental security threats that lead to information loss or system collapse. Consequently, there is loss of data, compromise of confidentiality, interception, and disruption of normal processes. If users undertake security measures, they can eliminate these threats and maintain confidentiality.

Reference List

Gast, M. (2005). 802.11 Wireless Networks: The Definitive Guide (2nd ed.). Sebastopol, CA: O’Reilly & Associates.

Kelley, D. (2003). The X factor: 802.1x may be just what you need to stop intruders from accessing your network. Information Security, 6(8), 60-69.

Krishnamurthy, P., Joseph, K., & Tanapat, A. (2002). Security in Wireless Residential Networks. IEEE Transactions on Consumer Electronics, 48(1), 157-166.

Min-kyu, C., Robles, R., Hong, C., & Kim, T. (2008). Wireless Network Security: Vulnerabilities, Threats and Countermeasures. International Journal of Multimedia and Ubiquitous Engineering, 3(3), 77-86.

Ross, J. (2008). The Book of Wireless: A Painless Guide to Wi-Fi and Broadband Wireless (2nd ed.). San Francisco: No Starch Press.

Skoudis, E. (2002). Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses. New Jersey, Upper Saddle River: Prentice Hall.

Welch, D. (2003). Wireless Security Threat Taxonomy. Proceedings of the 2003 IEEE Workshop on Information Assurance. New York: United States Military Academy.