IJCSIS International Journal of Computer Science and Information Security Vol 10 No 4 April 20

Document Sample
IJCSIS International Journal of Computer Science and Information Security Vol 10 No 4 April 20 Powered By Docstoc
					                                                 (IJCSIS) International Journal of Computer Science and Information Security,
                                                 Vol. 10, No. 4, April 2012

                        *WellFare Institute of Science, Technology & Management.
                                  **BVC college of engineering
                            Dr.KV Subbha Reddy Institute of Technology, Kurnool

                                                                 The popularity of wireless Networks is a testament
Abstract: - Wireless networking provides many                   primarily to their convenience, cost efficiency, and ease
advantages, but it also coupled with new security               of integration with other networks and network
threats and alters the organization’s overall                   components. The majority of computers sold to
information     security   risk    profile.   Although          consumers today come pre-equipped with all necessary
implementation of technological solutions is the usual          wireless Networks technology. The benefits of wireless
respond     to    wireless   security    threats   and          Networks include: Convenience, Mobility, Productivity,
vulnerabilities, wireless security is primarily a               Deployment, Expandability and Cost. Wireless Network
management issue. Wireless networks, in general, are            technology, while replete with the conveniences and
more vulnerable to security attacks than wired                  advantages described above has its share of downfalls.
networks, due to the broadcast nature of the                    For a given networking situation, wireless Networks may
transmission medium. Furthermore, wireless sensor               not be desirable for a number of reasons. Most of these
networks have an additional vulnerability because               have to do with the inherent limitations of the technology.
nodes are often placed in a hostile or dangerous                The disadvantages of using a wireless network are:
environment where they are not physically protected.            Security, Range, Reliability, and Speed. Wireless
In a wireless network, based on threats and security,           Networks present a host of issues for network managers.
we come across the security mechanisms and the                  Unauthorized access points, broadcasted SSIDs, unknown
different types of security level for overcoming the            stations, and spoofed MAC addresses are just a few of the
problem of attacks.                                             problems addressed in WLAN troubleshooting. Most
                                                                network analysis vendors, such as Network Instruments,
Keywords: - Wireless Security, Wireless Threats,                Network      General,    and    Fluke,     offer    WLAN
Security network, Wireless security, Security level             troubleshooting tools or functionalities as part of their
                                                                product line.

     1. INTRODUCTION                                            2. LITERATURE REVIEW AND METHODOLOGY

Wireless networking presents many advantages                     2.1. Security threats
Productivity improves because of increased Accessibility        Wireless networks, in general, are more vulnerable to
to information resources. Network configuration and             security attacks than wired networks, due to the broadcast
reconfiguration is easier, faster, and less expensive.          nature of the transmission medium. Furthermore, wireless
However, wireless technology also creates new threats
                                                                sensor networks have an additional vulnerability because
and alters the existing information security risk profile.
For example, because communications takes place                 nodes are often placed in a hostile or dangerous
"through the air" using radio frequencies, the risk of          environment where they are not physically protected.
interception is greater than with wired networks. If the
message is not encrypted, or encrypted with a weak              2.1.1 Accidental association
algorithm, the attacker can read it, thereby compromising       Unauthorized access to company wireless and wired
confidentiality. Although wireless networking alters the        networks can come from a number of different methods
risks associated with various threats to security, the          and intents. One of these methods is referred to as
overall security objectives remain the same as with wired       “accidental association”. When a user turns on a computer
networks: preserving confidentiality, ensuring integrity,       and it latches on to a wireless access point from a
and maintaining availability of the information and             neighboring company’s overlapping network, the user
information systems. The objective of this paper is to          may not even know that this has occurred. However, it is
assist managers in making such decisions by providing th-       a security breach in that proprietary company information
em with a basic understanding of the nature of the various      is exposed and now there could exist a link from one
threats associated with wireless networking and available       company to the other. This is especially true if the laptop
countermeasures.                                                is also hooked to a wired network.

                                                                2.1.2 Malicious association

                                                                                            ISSN 1947-5500
                                                 (IJCSIS) International Journal of Computer Science and Information Security,
                                                 Vol. 10, No. 4, April 2012

                                                                  two-party communication case, data authentication can be
“Malicious associations” are when wireless devices can            achieved through a purely symmetric mechanism: The
be actively made by crackers to connect to a company              sender and the receiver share a secret key to compute a
network through their cracking laptop instead of a                message authentication code (MAC) of all communicated
company access point (AP). These types of laptops are             data. When a message with a correct MAC arrives, the
known as “soft APs” and are created when a cracker runs           receiver knows that it must have been sent by the sender.
some software that makes his/her wireless network card
look like a legitimate access point. Once the cracker has          Access Control: Unauthorized nodes should not be able
gained access, he/she can steal passwords, launch attacks         to participate in the network by either acting as a router or
on the wired network, or plant trojans. Since wireless            injecting new traffic. By including message authentication
networks operate at the Layer 2 level, Layer 3 protections        code (MAC) with the packet, unauthenticated nodes will
such as network authentication and virtual private                not be able to send legitimate messages into the network.
networks (VPNs) offer no barrier. Wireless 802.1x                 Semantic security: Semantic security ensures that an
authentications do help with protection but are still             eavesdropping adversary cannot obtain information about
vulnerable to cracking. The idea behind this type of attack       the plaintext, even if it sees multiple encryptions of the
may not be to break into a VPN or other security                  same message. The lack of semantic security makes
measures. Most likely the cracker is just trying to take          traffic analysis easy. One common method of achieving
over the client at the Layer 2 level.                             this in symmetric block cipher is to use an Initial Value in
                                                                  the encryption function; this value may be a random value
2.1.3 Ad-hoc networks                                             sent with the message or kept implicitly by both parties as
                                                                  a counter or the clock value.
Ad-hoc networks can pose a security threat. Ad-hoc                Message replay protection: Even if messages are
networks are defined as peer-to-peer networks between             cryptographically protected so that their contents cannot
wireless computers that do not have an access point in            be inferred or forged, an attacker would be able to capture
between them. While these types of networks usually               valid messages and replay them later. Thus, independence
have little protection, encryption methods can be used to         on what mechanism is selected to secure the messages,
provide security.                                                 that mechanism must be protected against replay attacks.
                                                                  Replay protection guarantees the system is immune to the
2.2.1. Security Analysis                                          stale or falsely located information. Generally, replay
                                                                  attacks can be defeated at the price of network
In this section we discuss the major security concerns in         synchronization and additional communication overhead.
wireless sensor networks and their corresponding                  Freshness: Given that all sensor networks stream some
requirements. Confidentiality: Unauthorized parties               forms of time varying measurements, it is not enough to
should not be able to infer the content of messages. Due          guarantee confidentiality and authentication; we also must
to the shared wireless medium, the adversary can                  ensure each message is fresh. Informally, data freshness
eavesdrop on the messages exchanged between sensor                implies that the data is recent, and it ensures that no
nodes. To prevent the release of message content to               adversary replayed old messages. Two types of freshness
eavesdroppers, efficient cryptographies can be used for           are identified: weak freshness, which provides partial
message encryption before transmissions.                          message ordering, but carries no delay information, and
                                                                  strong freshness, which provides a total order on a request
Integrity: The receiver should be able to detect any              response pair, and allows for delay estimation. Weak
modifications to a received message during its                    freshness is required by sensor measurements, while
transmission. This prevents, for example, man-in-the              strong freshness is useful for time synchronization within
middle attacks where an adversary overhears, alters, and          the network.
re-broadcasts messages. By including message
authentication codes (MAC), a cryptographically strong            2.3. Security mechanisms
un-forgeable hash, with the packet, the packet integrity
can be protected. Using a secret key for code generation,         The security of wireless sensor networks has attracted a
unauthenticated nodes will not be able to alter the content       lot of attention in the recent years. Many researchers have
of legitimate messages in the network. Authentication:            proposed some security mechanisms. In the section, we
Message authentication is important for many                      primarily introduce several ones.
applications in sensor networks. Within the building              Localized Encryption and Authentication Protocol
sensor network, authentication is necessary for many              (LEAP) provides multiple keying mechanisms that can be
administrative tasks (e.g. network reprogramming or               used for providing confidentiality and authentication in
controlling sensor node duty cycle). At the same time, an
                                                                  sensor networks. It supports the establishment of four
adversary can easily inject messages, so the receiver
needs to make sure that the data used in any decision-            types of keys for each sensor node – an individual key
making process originates from the correct source.                shared with the base station, a pair wise key shared with
Informally, data authentication allows a receiver to verify       another sensor node, a cluster key shared with multiple
that the data really was sent by the claimed sender. In the       neighboring nodes, and a group key that is shared by all

                                                                                               ISSN 1947-5500
                                                   (IJCSIS) International Journal of Computer Science and Information Security,
                                                   Vol. 10, No. 4, April 2012

the nodes in the network. Now each of these keys is               Interception and alteration of wireless transmissions
discussed and established in the LEAP protocol.                   represents a form of "man-in the middle “attack. Two
                                                                  types of countermeasures can significantly reduce the risk
3. COUNTERMEASURES TO REDUCE THE RISK                             of such attacks: strong encryption and strong
OF SECURITY ATTACKS                                               authentication of both devices and users.

Wireless communications are also vulnerable to denial-of-         4. COUNTERMEASURES TO SECURE WIRELESS
                                                                  ACCESS POINTS
service (DoS) attacks. Organizations can take several
                                                                  Organizations can reduce the risk of unauthorized access
steps to reduce the risk of such unintentional DoS attacks.       to wireless networks by taking these three steps:
Careful site surveys can identify locations where signals         1. Eliminating rogue access points;
from other devices exist; the results of such surveys             2. Properly configuring all authorized access points; and
should be used when deciding where to locate wireless             3. Using 802.1x to authenticate all devices
access points. Regular periodic audits of wireless
networking activity and performance can identify problem          4.1.1 Eliminate Rogue Access Points
                                                                  The best method for dealing with the threat of rogue
areas; appropriate remedial actions may include removal
                                                                  access points is to use 802.1x on the wired network to
of the offending devices or measures to increase signal           authenticate all devices that are plugged into the network.
strength and coverage within the problem area. The nature         Using 802.1x will prevent any unauthorized devices from
of wireless communications creates three basic threats:           connecting to the network.
Interception, Alteration and Disruption.
                                                                  4.1.2 Secure Configuration of Authorized Access
3.1 Protecting the Confidentiality of Wireless                    Points
Transmissions                                                     Organizations also need to ensure that all authorized
                                                                  wireless access points are securely configured. It is
Two types of countermeasures exist for reducing the risk          especially important to change all default settings because
of eavesdropping on wireless transmissions. The first             they are well known and can be exploited by attackers.
involves methods for making it more difficult to locate
and intercept the wireless signals. The second involves           4.1.3 Use 802.1x to Authenticate all Devices
the use of encryption to preserve confidentiality even if         Strong authentication of all devices attempting to connect
the wireless signal is intercepted.                               to the network can prevent rogue access points and other
                                                                  unauthorized devices from becoming insecure backdoors.
                                                                  The 802.1x protocol discussed earlier provides a means
3.1.1 Signal-Hiding Techniques In order to intercept              for strongly authenticating devices prior to assigning them
wireless transmissions, attackers first need to identify and      IP addresses.
locate wireless networks. There are, however, a number
of steps that organizations can take to make it more              5. Securing Wireless Client Devices
difficult to locate their wireless access points. The easiest     Two major threats to wireless client devices are (1) loss or
and least costly include the following: Turning off the           theft, and (2) compromise. Loss or theft of laptops and
service set identifier (SSID) broadcasting by wireless            PDAs is a serious problem. laptops and PDAs often store
access points, Assign cryptic names to SSIDs, Reducing            confidential and proprietary information. Consequently,
signal strength to the lowest level that still provides           loss or theft of the devices may cause the organization to
requisite coverage or Locating wireless access points in          be in violation of privacy regulations involving the
the interior of the building, away from windows and               disclosure of personal identifying information it has
exterior walls. More effective, but also more costly              collected from third parties. Another threat to wireless
methods for reducing or hiding signals include: Using             client devices is that they can be compromised so that an
directional antennas to constrain signal emanations within        attacker can access sensitive information stored on the
desired areas of coverage or Using of signal emanation-           device or use it to obtain unauthorized access to other
shielding techniques, sometimes referred to as                    system resources.
TEMPEST, 1 to block emanation of wireless signals.
                                                                  6. Securing Wireless Networks
3.1.2 Encryption The best method for protecting the                  6.1 Use of Encryption
confidentiality of information transmitted over wireless
networks is to encrypt all wireless traffic. This is              The most effective way to secure your wireless network
especially important for organizations subject to                 from intruders is to encrypt, or scramble, communications
regulations.                                                      over the network. Most wireless routers, access points,
                                                                  and base stations have a built-in encryption mechanism. If
3.1.3 Preventing Alteration of Intercepted                        your wireless router doesn’t have an encryption feature,
Communications                                                    consider getting one that does. Manufacturers often

                                                                                              ISSN 1947-5500
                                                  (IJCSIS) International Journal of Computer Science and Information Security,
                                                  Vol. 10, No. 4, April 2012

deliver wireless routers with the encryption feature turned
off. You must turn it on.                                        REFERENCES

6.2 Use anti-virus and anti-spyware software, and a              [1] Graham, E., Steinbart, P.J. (2006) Wireless Security
firewall                                                         [2] Cisco. (2004). Dictionary attack on Cisco LEAP
                                                                 vulnerability, Revision 2.1, July 19.
Computers on a wireless network need the same                    [3] CSI. (2004). CSI/FBI Computer Crime and Security
protections as any computer connected to the Internet.           Survey.
Install anti-virus and anti-spyware software, and keep           [4] Hopper, D. I.(2002). Secret Service agents probe
them up-to-date. If your firewall was shipped in the “off”       wireless networks in Washington.
mode, turn it on.                                                [5] Kelley, D. (2003). The X factor: 802.1 xs may be just
                                                                 what you need to stop intruders from accessing your
6.3 Turn off identifier broadcasting
                                                                 network. Information Security, 6(8), 60-69.
Most wireless routers have a mechanism called identifier         [6] Kennedy, S. (2004). Best practices for wireless
broadcasting. It sends out a signal to any device in the         network security. Information Systems Control Journal
vicinity announcing its presence. You don’t need to              (3).
broadcast this information if the person using the network       [7] McDougall, P. (2004, March 25). Laptop theft puts
already knows it is there. Hackers can use identifier            GMAC customers’ data at risk. Information Week
broadcasting to home in on vulnerable wireless networks.
                                                                 Security Pipeline.
Disable the identifier broadcasting mechanism if your
wireless router allows it.                                       [8] F. Akyildiz, W. Su, Y. Sankarasubramaniam, and
                                                                 E.Cayirci, “A survey on sensor networks,”
6.4 Change the identifier on your router from the                IEEECommunications Magazine, vol. 40, no. 8, pp.
default                                                          102–114, August 2002.
                                                                 [9] F. Stajano, R. Anderson, “The Resurrecting Duckling:
The identifier for your router is likely to be a standard,       Security Issues for Ad-hoc Wireless Networks”, 3rd
default ID assigned by the manufacturer to all hardware
                                                                 AT&TSoftware Symposium, Middletown, NJ, October
of that model. Even if your router is not broadcasting its
identifier to the world, hackers know the default IDs and        1999.
can use them to try to access your network. Change your          [10] C.In tanagonwiwat, R.Govindan and D.Estrin.
identifier to something only you know, and remember to           Directed diffusion: A scalable and robust communication
configure the same unique ID into your wireless router           paradigm for sensor networks In Proc. of MobiCOM’00,
and your computer so they can communicate. Use a                 Boston, Massachusetts, August 2000.
password that’s at least 10 characters long: The longer
                                                                 [11] C.Karlof, Y.Li, and J.P olastre.ARRIVE: An
your password, the harder it is for hackers to break.
                                                                 Architecture for Robust Routing In Volatile Environments
                                                                 Technical Report UCB/CSD-03-1233, University of
CONCLUSION                                                       California at Berkeley, Mar.2003.
                                                                 [12] S.Madden, R.Szewczyk, M.Franklin, and D.Culler.
For facing the problem of wireless attacks we got security       Supporting Aggregate Queries over Ad-Hoc Wireless
mechanisms and based on that we are having the solution          Sensor Networks. In 4th IEEE Workshop on Mobile
of overcome the problem through different types of
                                                                 Computing Systems & Applications, June 2002.
security level which based on different data when it is
being transmit. This paper discussed the threats and             [13] L. Eschenauer and V. D.Geiger, “A key-management
vulnerabilities associated with each of the three basic          scheme for distributed sensor networks,” in Proceedings
technology components of wireless networks (clients,             of 9th ACM Conference on Computer and
access points, and the transmission medium) and                  Communication Security (CCS-02), November 2002,
described various commonly available countermeasures             pp.41-47.
that could be used to mitigate those risks. It also stressed
the importance of training and educating users in safe           [14] H. Chan, A. Perrig, and D. Song, “Random key
wireless networking procedures.                                  predistribution schemes for sensor networks,” in
                                                                 Proceedings of 2003 Symposium on Security and Privacy.
ACKNOWLEDGEMENT                                                  Los Alamitos, CA: IEEE Computer Society, May 11–14
Thanks to Management of WellFare Group of Companies              2003, pp.197-215.
and to the Chairman Mrs.M.Aruna Kumari of WellFare
Institute of Science Technology & Management.

                                                                                             ISSN 1947-5500
                                      (IJCSIS) International Journal of Computer Science and Information Security,
                                      Vol. 10, No. 4, April 2012


Mr.B.kiran Kumar working as an Asst.Prof in          Mr.D.Siva Prasad working as an Asst.Prof in
WellFare college of Science, Technology &            WellFare college of Science, Technology &
Management Visakhapatnam. He completed
his Master Degree in Information Technology          Management Visakhapatnam. He completed
from Gitam University. He has a good                 his Master Degree in CSE from JNTUK
teaching experience and having a good                University. He has a 6 years good teaching
knowledge on Information Security.                   experience and having a good knowledge on
                                                     Information Security.

Mr.R.VishnuMurthy working as Asst.Prof in
BVC College of Engg, Rajahamundry.He
completed his M.Tech in Information
Technology from Gitam University. He has
Good teaching experience and good
knowledge in Computer Subjects.

Mr.V.MadhuBabu working as Asst.Prof in
Dr.KV Subbha Reddy Institute of Technology
Engineering College, Karnool.He completed
his M.Tech in Information Technology from
Gitam University. He has Good teaching
experience and good knowledge in Computer

                                                                                 ISSN 1947-5500

Shared By: