If you can't read please download the document

Usable Security for Wi-Fi LANs

  • Upload
    page

  • View
    31

  • Download
    1

Tags:

Embed Size (px)

DESCRIPTION

Usable Security for Wi-Fi LANs. Dr. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh [email protected] Joint work with Haidong Xia. Motivation. Weaknesses of original Wi-Fi security well-publicized However, poor usability is arguably the more worrisome problem - PowerPoint PPT Presentation

Citation preview

  • Usable Security for Wi-Fi LANsDr. Jos Carlos BrustoloniDept. Computer ScienceUniversity of [email protected] work with Haidong Xia

    Jose' Brustoloni

  • MotivationWeaknesses of original Wi-Fi security well-publicizedHowever, poor usability is arguably the more worrisome problemabout 2 out of every 3 Wi-Fi networks are openanybody can get inabout 1 out of every 3 Wi-Fi networks operate in out-of-the-box configuration with default passwordsanybody can change firmware

    Jose' Brustoloni

  • How can security be made more usable?In general, there are three alternativesMake security transparent / just workImprove user interfaces for security functions Better educate/train users

    We exploit and compare all three alternatives in this work

    Jose' Brustoloni

  • What do Wi-Fi hotspots do?Need to interoperate readily with whatever hardware/software users haveNo on-site tech support availablePrimary security concern is theft of serviceIncreasing concern about man-in-the-middle (aka evil twin or rogue access point attack)

    Jose' Brustoloni

  • User authentication in Wi-Fi hotspots:Captive portalsReadily interoperable, easy-to-use authenticationUsers Web browser automatically redirected to captive portal SSL-secured page where user enters id and passwordmay use a variety of back-ends for authentication (Kerberos, RADIUS, LDAP)After authentication, users MAC and IP addresses are authorized First proposed by Stanfords SPINACH project (INFOCOM99)Widely used in university campuses and commercial hotspots

    APAPAPCaptiveportaldefaultclient

    InternetintranetplainWi-Fi

    Jose' Brustoloni

  • Theft of service bysession hijackingHijacker snoops victims MAC and IP addresses and access points MAC addressPeriodically sends to victim 802.11 disassociation or deauthentication notifications purported to come from access point (causing denial-of-service)Hijacker uses victims MAC and IP addresses to obtain unauthorized access

    Jose' Brustoloni

  • Contribution: Transparently detecting and blocking session hijackingsSession id checking:Captive portal sends to client a session management page with cookie containing a cryptographically random session idSession management page is SSL-secured and tagged with http-equiv = refresh directiveClients browser periodically sends to captive portal request to refresh the session management pageEach request accompanied by cookie with session idCaptive portal deauthorizes MAC and IP addresses of client whose refresh request and session id cookie were not received in the previous period

    Jose' Brustoloni

  • Evaluation of session id checking: throughput

    Jose' Brustoloni

  • Evaluation of session id checking:CPU utilizationFor 1 s refresh

    Jose' Brustoloni

  • Theft of service by freeloadingVictim continues to communicate (no denial of service) If victim does not have personal firewall, victim may respond to packets destined to freeloader (e.g., TCP RST), disrupting freeloaders communicationHowever, if victim has personal firewall, victim does not respond to such packetsBoth victim and freeloader get access: potential for collusion

    Jose' Brustoloni

  • Contribution:Transparently detecting freeloadingEach 802.11 packet contains a 12-bit sequence numberIncrements by one for each new packet sent; remains the same in case of MAC-layer fragmentation or retransmissionImplemented in adaptors firmware; cannot be changed by hostIn case of freeloading, sequence numbers of packets using the same MAC and IP addresses form two (or more) trend lines

    Jose' Brustoloni

  • Blocking freeloadingMAC sequence number tracking:

    Access point tracks MAC sequence numbers of packets from each associated clientIn case MAC sequence number returns from a trend line to the previous trend line, access point notifies captive portal for deauthorizing clients MAC and IP addresses

    Jose' Brustoloni

  • Evaluation of MAC sequence number trackingPassive technique:no network overheadlittle CPU or memory requirements

    In summary, the theft of service problem can be solved in a manner that users find transparent / intuitive

    Jose' Brustoloni

  • Client-side securityUsers expected to use SSL, SSH, or IPsec to protect their communicationWell-studied, trusted protocolsIn principle, should provide all security users would needBut do users actually use these protocols securely?Surprisingly, expectation not actually substantiated by research

    Jose' Brustoloni

  • Evil twin attack

    Jose' Brustoloni

  • Certificate verification (in theory)Browser has public keys of major certifying authorities (CAs, e.g., Verisign)Secure site supposed to get certificate from one of these CAs, with:CAs signature certificate expiration sites name sites public keyBrowser supposed to:check CAs signature, expiration, sites name, CAs revocation listget sites public key and use it to authenticate site

    Jose' Brustoloni

  • Certificate verification (in practice)Public-key infrastructure (PKI) not universally deployedCertificate verification errors are commonBrowsers warn users of errors, but allow users to continue despite errors

    Vulnerability to MITM attacks despite HTTPS

    Jose' Brustoloni

  • Certificate verification (in practice)Public-key infrastructure (PKI) not universally deployedCertificate verification errors are commonBrowsers warn users of errors, but allow users to continue despite errors

    Vulnerability to MITM attacks despite HTTPS

    Jose' Brustoloni

  • Why certificate verification failsBrowser does not have public key of certificates issuervery common for internal sites often not attackuncommon for public sites high risk of attackCertificate expiredmay result from simple inattentionunlikely to be attackCertificates subject not desired siteif subject in same domain as desired site unlikely to be attackotherwise high risk of attack

    Current browsers allow user to proceed despite error in all of these cases

    Jose' Brustoloni

  • Contribution: Context-Sensitive Certificate Verification (CSCV)CSCV-aware private CA:Distributes its public key to organization members, on removable media (e.g., floppy disk or USB key)Includes administrators contact information in issued certificates

    If certificate verification fails because issuers public key unknown, CSCV-aware browser:Asks user for key on removable mediaIf user does not have it, uses information in certificate to guide user on how to contact CAs administrator to overcome errorDoes not allow user to continue without correcting error

    Jose' Brustoloni

  • Unencrypted passwordsExisting browsers warn against unencrypted transmission, but:Do not discriminate between passwords and other dataWarnings occur quite frequentlyOften ignored or disabled by users

    Jose' Brustoloni

  • Contribution:Specific Password Warnings (SPW)Browser detects user about to send password unencryptedAsks if password protects important accountIf so, strongly discourages user from continuing:Tells user signs of secure site (https:, closed padlock)Asks user to consider possibility of MITM replica of usually secure siteAsks user to consider consequences of financial or privacy loss

    Jose' Brustoloni

  • Just-in-Time Instruction (JITI)Warn-and-Continue (WC) e.g., Internet Explorer (IE):Uses concepts that users do not understandDoes not fully disclose possible consequencesDoes not tell users how to overcome errorCan be ignored by users

    Jose' Brustoloni

  • Improving JITIGuidance Without Override (GWO) e.g., CSCV:Addresses all four shortcomings in WCNot always possible

    Guidance With Override (G+O) e.g., SPW:Unlike GWO, can be ignored by userMore generally applicable, but less secure

    Jose' Brustoloni

  • Well-in-Advance Instruction (WIAI)Whittens alternative to JITISafe staging: each stage enables only data and functions that user knows how to manipulate safelyOur instantiation: Staged PKI Client (SPKIC)Use browser with restricted functions and learn to reject unverified certificates, not to send unencrypted passwords, and how to get CAs public keyLearn about MITM attacks, set up CA, issue bona fide and bogus certificatesUse IE without restrictions

    Jose' Brustoloni

  • User studiesMale CS undergradsUntrained, using unmodified IEUntrained, using modified Mozilla with CSCV, SPWAfter staged security training, using unmodified IE

    ScenarioCheck balance at rewards site in students university with HTTPS, certificate from unknown CA, correct local contact infoSpend rewards to buy one or more items at e-merchant site with HTTPS, certificate from unknown CA, bogus contact infoGet order confirmation message at Web-based email site with HTTP only / no certificate

    Jose' Brustoloni

  • Experimental results Alarming insecurity for untrained users with existing browsers Users actually behaved less securely with HTTPS CSCV, SPW, and SPKIC all had highly significant benefits CSCVs effect significantly higher than SPKICs

    Jose' Brustoloni

  • CaveatsTask completion biasDifficulty effectAge, gender, education level, ability not controlled

    Jose' Brustoloni

  • Related workUsable security (Adams & Sasse, Anderson, Zurko & Simon, Sandhu, Xia & Brustoloni)Whitten & Tygar PGPOut-of-band certificate fingerprint verificationIdentity-based cryptographyAckerman & Cranor criticsYe & Smith browser trusted pathsYan & al. education on password selection

    Jose' Brustoloni

  • ConclusionsSession id checking and MAC sequence number tracking secure network side transparentlyClient side more difficult to secure because most users do not understand certificates, ignore warningsDelegating security decisions to users defeats securityCSCV: User interface discriminates context in which certificate verification fails & guides user in correctionGreater benefit than user educationSPW: User interface warns possible consequences of sending passwords unencryptedBenefit similar to that of user education

    Jose' Brustoloni

  • Significance analysis

    Jose' Brustoloni

  • Dialog for certificate on removable media

    Jose' Brustoloni

  • Dialog for determining relationship between client and server

    Jose' Brustoloni

  • Dialog guiding inside member for getting certificate

    Jose' Brustoloni

  • Dialog cautioning public client about certificate error

    Jose' Brustoloni

  • Dialog for unencrypted password important account

    Jose' Brustoloni

    Lets say we have an access point with an SSID of goodguy. If a wireless client with their SSID set to ANY enters the range of the access point goodguy, they will associate to goodguy and the clients SSID will effectively become goodguy.

    However, if another access point with an SSID of badguy enters the picture, and in relation to the wireless client, badguy is either physically closer or its signal is stronger than goodguy, then there is the potential for the client to re-associate to the closer and stronger access point badguy, and the clients SSID will effectively become badguy.

    It is possible for the mis-association pictured here to happen without the users knowledge. Even worse, the badguy access point here could just have easily set its SSID to goodguy, making it even easier for the mis-association to occur, and making it that much more difficult for the user to detect.

    Such is the threat of rogue APs in wireless environments.


LANS EN VERCORS PROGRAMME VILLARD DE LANS … · programme animations lans en vercors villard de lans correnÇon en vercors saint nizier du moucherotte du 10 août au 1er septembre

LANS EN VERCORS PROGRAMME VILLARD DE LANS … · programme animations lans en vercors villard de lans correnÇon en vercors saint nizier du moucherotte du 10 août au 1er septembre

Documents
Redes Lans

Redes Lans

Documents
LANs and WLANs LANs and WLANs1. Network Building Blocks Wired Networks Wireless Networks Using LANs Security Through Encryption LANs and WLANs2

LANs and WLANs LANs and WLANs1. Network Building Blocks Wired Networks Wireless Networks Using LANs Security Through Encryption LANs and WLANs2

Documents
Research on Wi-Fi indoor positioning in a smart …...of the mobile Internet, Wi-Fi hotspots have been cov-ered in most public indoor areas of the city, and Wi-Fi wireless LANs have

Research on Wi-Fi indoor positioning in a smart …...of the mobile Internet, Wi-Fi hotspots have been cov-ered in most public indoor areas of the city, and Wi-Fi wireless LANs have

Documents
7 Wireless Lans

7 Wireless Lans

Documents
Wireless LANs

Wireless LANs

Documents
Wireless LANs - sistel-networking.it · build a wireless network and extend the wireless range of the existing wireless network. Outdoor Wi-Fi Networking Outdoor Wi-Fi LAN Solution

Wireless LANs - sistel-networking.it · build a wireless network and extend the wireless range of the existing wireless network. Outdoor Wi-Fi Networking Outdoor Wi-Fi LAN Solution

Documents
Ethernet LANs

Ethernet LANs

Documents
Cisco novinky pro Wi-Fi řešení novinky pro Wi-Fi řešení ... Mobile Device Proliferation Is Forcing Network Leaders to Redesign Enterprise Wireless LANs, ... Next-Generation Wave

Cisco novinky pro Wi-Fi řešení novinky pro Wi-Fi řešení ... Mobile Device Proliferation Is Forcing Network Leaders to Redesign Enterprise Wireless LANs, ... Next-Generation Wave

Documents
LANSERHOF LANS

LANSERHOF LANS

Documents
Switched and Wireless LANs. 2 Shared media LANs u Limits to Shared Media LANs –FDDI, 100Base-X, 100VG-AnyLAN all shared media LANs v Only one station

Switched and Wireless LANs. 2 Shared media LANs u Limits to Shared Media LANs –FDDI, 100Base-X, 100VG-AnyLAN all shared media LANs v Only one station

Documents
Securing IEEE802.11 Wireless LANs · Wireless Fidelity Alliance, Wi-Fi, Wi-Fi Protected Access, WPA, WPA2, Temporal Key Integrity Protocol, TKIP, CCMP, transition security network,

Securing IEEE802.11 Wireless LANs · Wireless Fidelity Alliance, Wi-Fi, Wi-Fi Protected Access, WPA, WPA2, Temporal Key Integrity Protocol, TKIP, CCMP, transition security network,

Documents
Chapter 6 High-Speed LANs 1 Chapter 6 High-Speed LANs

Chapter 6 High-Speed LANs 1 Chapter 6 High-Speed LANs

Documents
Chapter 1 on current and next-generation wireless networks. ... Wireless LANs Satellite Systems ... including IEEE 802.11n (Wi-Fi), IEEE 802.11ac (Wi-Fi), HSPA+ (3G

Chapter 1 on current and next-generation wireless networks. ... Wireless LANs Satellite Systems ... including IEEE 802.11n (Wi-Fi), IEEE 802.11ac (Wi-Fi), HSPA+ (3G

Documents
Localization in Wireless LANs. Outline Wireless LAN fundamentals Wi-Fi Scanner WLAN Localization Simple Point Matching Area Based Probability

Localization in Wireless LANs. Outline Wireless LAN fundamentals Wi-Fi Scanner WLAN Localization Simple Point Matching Area Based Probability

Documents
Connecting LANs, Backbone Networks, andVirtual LANs · 2012. 6. 26. · CHAPTER 15 Connecting LANs, Backbone Networks, andVirtual LANs LANs do not normally operate in isolation. They

Connecting LANs, Backbone Networks, andVirtual LANs · 2012. 6. 26. · CHAPTER 15 Connecting LANs, Backbone Networks, andVirtual LANs LANs do not normally operate in isolation. They

Documents
Wireless, Mobile Networks6-1 Chapter 6 outline 6.1 Introduction Wireless 6.2 Wireless links, characteristics CDMA 6.3 IEEE 802.11 wireless LANs (“Wi-Fi”)

Wireless, Mobile Networks6-1 Chapter 6 outline 6.1 Introduction Wireless 6.2 Wireless links, characteristics CDMA 6.3 IEEE 802.11 wireless LANs (“Wi-Fi”)

Documents
wired lans

wired lans

Technology
6: Wireless and Mobile Networks6-1 Chapter 6 outline 6.1 Introduction Wireless r 6.3 IEEE 802.11 wireless LANs (“wi-fi”) r 8.8 Securing wireless LANs

6: Wireless and Mobile Networks6-1 Chapter 6 outline 6.1 Introduction Wireless r 6.3 IEEE 802.11 wireless LANs (“wi-fi”) r 8.8 Securing wireless LANs

Documents
Chapter 16 Connecting LANs, Backbone Networks, and Virtual LANs

Chapter 16 Connecting LANs, Backbone Networks, and Virtual LANs

Documents
Mobility “Unplugged”: Technologies, policy challenges ... · Wireless LANs • Most popular is currently 802.11b (IEEE standard) or Wi-Fi (“hotspots”) – Range is limited

Mobility “Unplugged”: Technologies, policy challenges ... · Wireless LANs • Most popular is currently 802.11b (IEEE standard) or Wi-Fi (“hotspots”) – Range is limited

Documents
6-1 Chapter 6 outline Introduction Wireless r Wireless links, characteristics r IEEE 802.11 wireless LANs (“wi-fi”) Mobility r Principles: addressing and

6-1 Chapter 6 outline Introduction Wireless r Wireless links, characteristics r IEEE 802.11 wireless LANs (“wi-fi”) Mobility r Principles: addressing and

Documents
Week 3 1 Week 3 Virtual LANs, Wireless LANs, PPP, ATM

Week 3 1 Week 3 Virtual LANs, Wireless LANs, PPP, ATM

Documents
Design and Deployment of Wireless LANs for Mobile Applicationsnoc.ucsc.edu/docs/Wi-Fi/Deploy-WiFi-LANs-2015.pdf · 2015-02-12 · Design and Deployment of Wireless LANs for Mobile

Design and Deployment of Wireless LANs for Mobile Applicationsnoc.ucsc.edu/docs/Wi-Fi/Deploy-WiFi-LANs-2015.pdf · 2015-02-12 · Design and Deployment of Wireless LANs for Mobile

Documents
Usable Security for Wi-Fi LANs Dr. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh jcb@cs.pitt.edu Joint work with Haidong Xia

Usable Security for Wi-Fi LANs Dr. José Carlos Brustoloni Dept. Computer Science University of Pittsburgh [email protected] Joint work with Haidong Xia

Documents
IEEE 802.11 Wireless LANs Part I: Basicsjain/cse574-20/ftp/j_05lan.pdf · 2020. 9. 21. · IEEE 802.11 vs. Wi-Fi IEEE 802.11 is a standard Wi-Fi = “Wireless Fidelity” is a trademark

IEEE 802.11 Wireless LANs Part I: Basicsjain/cse574-20/ftp/j_05lan.pdf · 2020. 9. 21. · IEEE 802.11 vs. Wi-Fi IEEE 802.11 is a standard Wi-Fi = “Wireless Fidelity” is a trademark

Documents
1 Chapter 6: Wireless and Mobile Networks Objectives Introduction Wireless links, characteristics CDMA IEEE 802.11 wireless LANs (“wi-fi”) Cellular

1 Chapter 6: Wireless and Mobile Networks Objectives Introduction Wireless links, characteristics CDMA IEEE 802.11 wireless LANs (“wi-fi”) Cellular

Documents
Connecting LANs

Connecting LANs

Documents
Lans switchadaspractica3

Lans switchadaspractica3

Education
Re-usable metadata, re-usable content

Re-usable metadata, re-usable content

Education