Introduction to Wireless Network

Er. Avinash BhagatUID11002

Assistant ProfessorSchool of Computer Applications

Lovely Professional Universityavinash.bhagat@lpu.co.in

avinash.bhagat@gmail.com9463281930

Wireless Networks Security issues

Chapter 14

Wireless Network Security Requirements

A security protocol for wireless network should satisfy following requirements:

• Confidentiality• Integrity• Availability• Authentication• Non Repudiation

Network security requirementConfidentiality--

only to the intended receiver (Data privacy) information is never released to

unauthorized users

Integrity-

what it was sentno unauthorized modification of resources

4

Network security requirementAvailability: remain operational all the times

Authentication : concerned with verifying the identity of a user

5

Network security requirementNon-repudiation :

sender of the message cant later deny having sent the message the recipient cannot deny having received the message.

ensure that a message was originally sent by the sender and it was verified that the message was received by the recipient.

6

Security in Ad Hoc Wireless NetworksIssues and challenges in security provisioning

Shared broadcast radio channel: The radio channel in wireless networks is broadcast and is shared by all nodes in the network. This problem can be minimized by using directional antennas.

Insecure operational environment: The operating environments where wireless networks are used may not always be secure. For example, battlefields.

7

Security in Ad Hoc Wireless NetworksIssues and challenges in security provisioning

Lack of association: If no proper authentication mechanism is there any node can join and leave the network at any point. An intruder would be able to join into the network quite easily and carry out his / her attacks.

Limited resource availability: Resources such as bandwidth, battery power, and computational power are scarce. It is difficult to implement complex cryptography based security mechanism in wireless networks

8

Security in Ad Hoc Wireless NetworksIssues and challenges in security provisioning

Physical vulnerability: Nodes in these networks are usually compact and hand-held in nature. They could get damaged easily and are also vulnerable to theft.

9

Security Issues LAYER SECURITY ISSUESApplication Layer Detecting and preventing viruses ,

worms , malicious codes.Transport layer Authenticating and securing end to

end communications through data encryption

Network layer Protecting routing and forwarding protocols

Link-layer Protecting the wireless Mac protocol and providing link-layer security support

Physical layer Preventing signal jamming denial- of-service attacks 10

Security Threats• Four types of security threats:

– Interception

– Interruption

–Modifications

–Fabrication

11

Security Threats• Four types of security threats:

– Interception refers to the situation that an unauthorized party has gained access to a service or data.

– Interruption refers to the situation in which services or data become unavailable, unusable, or destroyed.

12

Security Threats• Four types of security threats:

–Modifications involve unauthorized changing of data or tampering with a service.

–Fabrication refers to the situation in which additional data or activity are generated that would normally not exist.

13

Network Security Attacks

14

Security Attacks

Application Layer Attacks Other attacksTransport Layer

AttacksNetwork Layer Attacks

MAC Layer Attacks

Active AttacksPassive Attacks

Snooping

Jamming DoS

Impersonation

Sessionhijacking

Repudiation

Routing attacks

Resource consumption attack

Information disclosure

Byzantine attack

Wormholeattack

Blackhole attackManipulationof network trafficDevice tampering

–Wormhole attack: an attacker receives packets at one location in the network and tunnels them to another location in the network.

15

Network Layer Attacks

–An example is shown in the above figure. Here X and Y are the two end-points of the wormhole link (called as wormholes). X replays in its neighborhood (in area A) everything that Y hears in its own neighborhood (area B) and vice versa.

16

Network Layer Attacks

– The net effect of such an attack is that all the nodes in area A assume that nodes in area B are their neighbors and vice versa.

17

Network Layer Attacks

– This, as a result, affects routing and other connectivity based protocols in the network. Once the new routes are established and the traffic in the network starts using the X-Y shortcut, the wormhole nodes can start dropping packets and cause network disruption.

18

Network Layer Attacks

– They can also spy on the packets going through and use the large amount of collected information to break any network security. The wormhole attack will also affect connectivity-based localization algorithms and protocols based on localization, like geographic routing, will find many inconsistencies resulting in further network disruption.

19

Network Layer Attacks

•Blackhole attack:

In the attack a malicious node falsely advertise good paths (e.g. shortest path or suitable path) to the destination node during path finding process or in route update message. The intention of the malicious node could be to hinder the path finding process or to interrupt all data packets being sent to the concerned node.

20

Network Layer Attacks

•Byzantine attack:– A compromised intermediate node or a set of

compromised nodes could • create routing loops • Routing packets• Routing optimal paths• Selectively dropping packets

21

Network Layer Attacks

• Information disclosure:

–A compromised node may leak confidential information to unauthorized nodes in the network.–Such information may include information

regarding the network topology, geographic location of nodes or optimal route to unauthorized nodes

22

Network Layer Attacks

•Resource consumption attack:

– Bandwidth –Processing Power –Battery Power

23

Network Layer Attacks

•Routing Attacks : Aim at disrupting the operation of the network.

–Routing table overflow–Routing table poisoning –Packet replication–Route cache poisoning

24

Network Layer Attacks

Network layer attacks

• Routing table overflow

– in this type of attack, and adversary node advertise routes to non existent nodes, to the authorized nodes present in the network

– This causes an overflow and prevent the creations of entries corresponding to new routes authorized nodes.

25

Network layer attacks

• Routing table poisoning :– Here the compromised nodes in the networks send

fictitious routing updates or modify geniune routes.– Routing table poisoning may result in sub optimal

routing, congestion in portions of the network or even make some parts of the networks inaccessable.

26

Network layer attacks

• Packet replication:– In this attack an adversary node replicates the stale

packets. This consumes additional bandwidth and battery power resources available to the nodes and also caused unnecessary confusion in the routing process

27

Network layer attacks

• Route cache poisoning:– All the nodes maintain a route cache which holds

information regarding routes that have become known to the node in the recent past.

– Similar to routing table poisoning cache can also be poisoned.

28

Transport Layer AttacksSession hijacking:

–An adversary takes control over a session between two nodes.

–As most authentication process are carried out only at the start of the session, once the session between two nodes get established the adversary node masquerades as one of the end nodes of the session and hijacks the session

29

Application Layer Attacks•Repudiation:

–Repudiation refers to the denial or attempted denial by a node involved in a communication.

30

•Other Attacks

Multi-layer attacks could occur in any layer of the network protocol stack.

31

•Denial of service: An adversary attempts to prevent authorized users from accessing the service.Jamming: Transmitting signals on the frequency of senders and receivers to hinder the communication.

32

•Denial of service: SYN flooding: An adversary node send a large number of SYN packets to a victim node.

Distributed DoS attack: Several adversaries attack a service at the same time.

33

•Other AttacksImpersonationAn adversary assumes the identity and privileges of an

authorized node toMake use of network resources that may not be

available to it under normal circumstances.Disrupt functioning of network by inserting false

routing information on the networkCan get by chance or by guess the authentication of

authorized nodes.Man in the middle attack

34

•Other Attacks

Device Tempering

35

Question Bank

1.Explain network security requirements.2.What are issues and challenges in

security provisioning?3.What are various network layer attacks4.What are various routing attacks5.What is session hijacking?6.What is repudiation attack in wireless

networks36

Question Bank

7.Explain various multilayer attacks in wireless networks.

8.How DoS attack is preformed by adversaries in wireless networks?

9.What are various Impersonation attacks in wireless networks ?

37