StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Wireless Security - Research Paper Example

Cite this document
Summary
Recently, wireless networking has become more affordable, available and easy to use. Wireless technology is becoming more common especially in homes where it has been greatly adopted. A wireless network involves the access of internet by computers without using any cables or wires. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.8% of users find it useful
Wireless Security
Read Text Preview

Extract of sample "Wireless Security"

? Wireless Security Introduction Recently, wireless networking has become more affordable, available and easy to use. Wireless technology is becoming more common especially in homes where it has been greatly adopted. A wireless network involves the access of internet by computers without using any cables or wires. This method is convenient because one can work from anywhere in the house or in his business using his or her laptop. It also makes it possible to connect various computers to the internet, which does not require the use of many disorganized wires or cables as can be in wired networks (Onguardonline.gov, 2012). Wireless local area networks (WLANs) have become explosively popular, which have dramatically altered the way in which people access data, surf the internet and read their e-mails. WLANs are now everywhere in libraries, coffee shops, hotels, airports, college campuses, and many other public places. WLANs initially became accessible in 2000 and since then, they have deeply penetrated into people’s everyday lives, becoming widely used amongst individuals and businesses. However, despite its popularity, there are many security threats that are associated with the wireless technology, thereby preventing them from being widely spread. WLANs have been the key targets for attackers because of the mode of wireless transmission and the vulnerabilities exposed to the traditional standards of wireless networks. Owing to the fact that indicators are not restricted to a wire or a cable in a wall, invaders can capture an unencrypted wireless message and read or even alter the private contents of the message. Because the earlier mechanisms used in wireless security did not adequately provide defense against such attacks, WLANs provided an avenue for attackers to access an organization’s network and take away important information (Us-cert.gov, 2008). The Institute of Electrical and Electronic Engineers (IEEE) is the most influential and widely known organization for wireless communications and computer networking. The IEEE dates back to 1884 and it began its work on developing architecture standards in computer networks in the early 1980s. This work was known as Project 802, which quickly expanded into various types of network technology. The IEEE 802.3 was one of the most famous standards developed, which set stipulations for Ethernet local area network technology. In 1990, a committee was formed to come up with a standard for WLANs that would operate at a speed of one and 2Mbps. A number of different proposals were recommended before a draft that went through seven different revisions was developed. In 1997, the IEEE approved and adopted the IEEE 802.11 standard. This was the first WLAN standard which defines the physical (PHY) and the media access control (MAC) layers for a LAN that is wireless connected. It deals with local area networking where the associated devices communicate via air to other devices that are close to each other (Intelligraphics.com, 1995). Although a speed of 2 million bits per second was preferable in 1990 for wireless networks, it was no longer satisfactory for use in modern wireless networks. The IEEE body reviewed the 802.11 standard to determine the possible changes that could be executed to increase the speed. A new IEEE 802.11b amendment was formed in 1999. The amendment included two higher speeds – 5.5 Mbps and 11Mbps to the original speeds of 1Mbps and 2Mbps in 802.11. The new standard (IEEE 802.11b) could support devices that of up to 375 feet(115 meters) away from each other using 2.4GHz radio frequency spectrum. During the same period, the IEEE as well provided another standard with higher speeds. The standard developed was IEEE 802.11a, which indicates a maximum speed of 54Mpbs using the 5GHz radio frequency spectrum. The remarkable achievement of the IEEE 802.11b impelled the IEEE to revisit the 802.11b and 802.11a standards to find out whether they could develop a third intermediary standard (Ciampa, 2009). Ciampa (2009) further explains that the approach adopted would maintain the steady and widely recognized features of 802.11b but amplify the rates of data transfer to the ones similar to 802.11a. The IEEE 802.11g standard was officially approved in 2003. It can support wireless devices that transmit at a speed of 54Mbps. The IEEE has been committed towards increasing the bandwidth since 2004. This has been through working on a new standard called IEEE 802.11n that was expected to be ratified by 2009. Due to the vulnerability of the wireless transmission, to attack by unauthorized parties, the initial IEEE 802.11 committee implemented a number of wireless security protections in the original IEEE 802.11 standard that was approved in 1997. The standard also left other protections to be applied at the discretion of the WLAN vendor. Some of the protections are discussed below. Wired Equivalent Privacy (WEP) is aimed at ensuring that the transmitted wireless message is exclusively accessed and viewed by the authorized parties. This is achieved by taking the plaintext, also called the unencrypted text which is then encrypted or scrambled into ciphertext to ensure that nobody else apart from the authorized individual(s) can view it when it is being transmitted. WEP uses a secret key, which is usually shared between the Access Point (AP) and the wireless client device. The secret key is the same and only known to the parties involved and should be installed on both the AP and the device early in advance before any information can be transmitted. The sender uses the secret key to encrypt the message (plaintext) that is to be sent. The recipient in turn uses it to decrypt the received message. The shared secret keys in IEEE 802.11 WEP must have a length of at least 64 bits. Longer shared secret keys of up to 128- bits are encouraged for security purpose. This is because it becomes almost impossible for any attacker to guess or determine the keys used when long secret keys are used (Us-cert.gov, 2008 & Ciampa, 2009). Wired Equivalent Privacy (WEP) Protocol is a fundamental security aspect in the IEEE 802.11 standard, which is intended to offer privacy over a wireless network through encryption of data sent over the network. However, WEP should not be considered a comprehensive security solution just as is the case in physical security in the wired LAN. This is because it has been discovered that automated tools can be used to crack a WEP key in a few minutes (Infosec.gov.hk, 2010). Therefore, extra security mechanisms should be used to supplement the system. These may include authentication, access control, password protection, end-to-end encryption, firewalls and effective private networks, whenever the significance of the information being protected requires such concern (Cst.gc.ca, 2002). Open system authentication (OSA) is the default method of authentication Protocol for the IEEE 802.11 standard. It is a process through which a computer accesses a wireless network that makes use of the WEP. Through OSA, a computer outfitted with a wireless network can receive unencrypted files and have access to any WEP network. However, OSA is deemed weak because its authentication is based on a match between the service set identifier (SSID) of the wireless access point and the SSID of the computer. This means that for an attacker to be authenticated, he only has to discover a valid SSID. The SSID represents a series of characters that uniquely identifies a WLAN. SSIDs can be determined in various ways, for example by comparing the SSID on an already authenticated device (Rouse, 2008). In shared key authentication, the user is required to use a pre-shared WEP key in encrypting a challenge text that is sent to the AP. The AP responds by decrypting the shared key and confirming that the challenge message is the same. Through this, the AP authenticates the user. However, the process of exchanging the message is vulnerable to a known unencrypted text attack. The vulnerability with the shared key authentication is linked to the mathematical principal of encryption. As a result, an attacker can capture and study both the ciphertext response and the sent plaintext message leading to disclosure of confidential and private information (Roshan & Leary, 2004). Wi-Fi Protected Access (WPA) is a protocol in wireless security that is designed to deal with the known security threats in WEP. WAP gives the users a high assurance that their information will remain protected and confidential using Temporal Key Integrity Protocol (TKIP) for encrypting the message to be sent. For improvement of user authentication, 802.1x has been introduced in the WPA protocol. Nevertheless, since November 2008, weakness in TKIP was discovered where attacker could decrypt short messages and insert arbitrary information into wireless network. Therefore, TKIP encryption should not be considered a secure implementation. Instead, a combination of WPA2 with AES encryption should be considered for use by the new operations (Infosec.gov.hk, 2010). Wi-Fi Protected Access 2 (WPA2) is a new protocol introduced in wireless security. It is based on IEEE 802.11i and it allows only the authorized users to access a wireless device. Its features support powerful cryptography such as Advanced Encryption Standard (AES); key management; data integrity; stronger authentication control for example, Extensible Authentication Protocol (EAP); and replay attack protection. However, it is claimed that in July 2010, WPA2 protocol was discovered to have vulnerability named “Hole 196”. Through this vulnerability, interior authenticated Wi-Fi users could decrypt other people’s private information and inject nasty messages into the wireless network. However, after investigation, it was found that such attacks could not really crack, break or recover any WPA2 encryption keys. Instead, attackers could only pretend to be AP and initiate a man-in-the-middle attack when users attached to them. Furthermore, such attacks would not be successful in a properly organized environment (Infosec.gov.hk, 2010). Symantec.com (2002) explains that when implementing wireless security, one should have an effective WLAN strategy that should involve defining, documenting, standardizing, disseminating, and formulation and enforcement of WLAN security practices and policies. These should include identifying the model, make, settings and configuration of the WLAN equipment approved for use as well as managing and documenting the APs and connected infrastructural network. Wireless APs should be placed in strategic places to prevent interception of the transmissions by attackers. Additionally, wireless coverage should be employed only in places where it is needed. Private firewalls should be used to protect personal devices from launched attacks in the internet or via “air connection”. One should explore the means of protecting the clients, AP and other devices in order to protect his network. Implementation of an overlay WIPS/WIDS (wireless intrusion prevention or detection system), should be implemented for one to overcome the challenges of intrusion. Systems should be put in place to scrutinize and analyze all devices, channels and traffic. For instance, spectrum analysis should be used in order to detect and stop the security threats associated with wireless security (Zorz, M., 2012). Moreover, virtual Private Network (VPN) should be used for better security. This allows one to form an encrypted tunnel for wireless traffic hence limiting the chances of intrusion. The WEP default-vendor supplied key should be changed to a unique secret key and the WEP key should be updated regularly to reduce vulnerability related to WEP keys. The default Service Set Identifier (SSID) should be changed and the automatic SSID broadcast feature disabled (Otey, 2003). Conclusion Wireless networks provide greater flexibility and mobility. Nevertheless, they are also associated with several security threats. They should therefore not be deemed secure enough to provide protection to private or sensitive information except when the service includes non-repudiation and authorization of users, authentication and encryption of messages from end-to-end. It however important to note that none of the computer air interfaces discussed currently enforces or requires all of these measures to enhance security. The default installation used in many of the devices does not implement any security. This leaves the system vulnerable to attacks unless some specific measures are put in place to secure the system (Cse-cst.gc.ca, 2010). Therefore, organizations or individuals should evaluate the security risks associated with WLAN as well as their security needs in reverence to the integrity, availability and confidentiality of their information resources. They should also come up with the appropriate type and level of security measures to be employed in order to mitigate security threats to an acceptable level in the organization. Moreover, unprotected important or confidential information should not be transmitted over the WLAN (Sans.org, 2003). References Ciampa, M. D., & Computing Technology Industry Association, (2009). Security+ guide to network security fundamentals. Australia: Course Technology, Cengage Learning. Cse-cst.gc.ca, (2002). Government of Canada Wireless Vulnerability Assessment. Retrieved from http://www.cse-cst.gc.ca/its-sti/publications/itsb-bsti/itsb02-eng.html Infosec.gov.hk, (2010). Wireless networking security. Retrieved from http://www.infosec.gov.hk/english/technical/files/wireless.pdf Intelligraphics.com, (1995). Introduction to IEEE 802.11. Retrieved from http://www.intelligraphics.com/introduction-ieee-80211 Onguardonline.gov, (2012). Wireless Security (Video). Retrieved from http://onguardonline.gov/media/video-0009-wireless-security 2012. Otey, M. (2003). Tips for Wireless Security. Retrieved from http://www.windowsitpro.com/article/wifi-standards/tips-for-wireless-security Roshan, P. & Leary, J. (2004). 802.11 wireless LAN fundamentals: [a practical guide to understanding, designing, and operating 802.11 WLANs]. Indianapolis, Ind: Cisco. Rouse, M. (2008). Open System Authentication (OSA). Retrieved from http://searchmobilecomputing.techtarget.com/definition/Open-System-Authentication-OSA Sans.org, (2003). Security Guidelines for Wireless LAN Implementation. Retrieved from http://www.sans.org/reading_room/whitepapers/wireless/security-guidelines-wireless-lan-implementation_1233 Symantec.com, (2002). Wireless LAN Security. Retrieved from https://www.symantec.com/avcenter/reference/symantec.wlan.security.pdf Us-cert.gov, (2008). Using Wireless Technology Securely. Retrieved from http://www.us-cert.gov/reading_room/Wireless-Security.pdf Zorz, M. (2012). Wireless security and the enterprise. Retrieved from http://www.net-security.org/article.php?id=1671&p=1 Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Wireless Security Research Paper Example | Topics and Well Written Essays - 1750 words”, n.d.)
Wireless Security Research Paper Example | Topics and Well Written Essays - 1750 words. Retrieved from https://studentshare.org/information-technology/1455943-wireless-security
(Wireless Security Research Paper Example | Topics and Well Written Essays - 1750 Words)
Wireless Security Research Paper Example | Topics and Well Written Essays - 1750 Words. https://studentshare.org/information-technology/1455943-wireless-security.
“Wireless Security Research Paper Example | Topics and Well Written Essays - 1750 Words”, n.d. https://studentshare.org/information-technology/1455943-wireless-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF Wireless Security

Wireless Security in Businesses

Wireless Security is at least as good quality as Internet security.... Impending technologies and values will create Wireless Security better than wireline security.... In addition, work by industry conglomerates sketches new Wireless Security methodologies that deal with the central issues surrounding Wireless Security.... Wireless Security systems ought to be technology-agnostic.... That's for the reason that security is being addressed in the early days of wireless communications....
6 Pages (1500 words) Essay

Mobile and Wireless Security

Thus there exists a requirement to formulate and implement a Wireless Security policy to disallow unauthorized access to the corporate networks using wireless media and allow only approved and authenticated users to be connected.... Increased usage of mobile devices by the work forces in corporate calls for implantation of security measures in wireless networks.... hellip; Since all these devices work on wireless media, obvious vulnerabilities exist....
5 Pages (1250 words) Essay

Wireless Security Best Practices Guide for Business

Forget about the new trends, managing and maintaining the existing ones is so important that any misuse… Keeping this in mind every organization is in search of a good security policy to be jotted down which when followed keeps the company in safe hands.... This paper is all about the security policy which Every company in today's world is run on wireless network technology.... As it is defined in RFC 2196, the IETS's site security Handbook, a security policy is a formal set of rules through which people who are given access to organization's technology and information assets must abide to....
9 Pages (2250 words) Essay

Balance between wireless security and performance

Although they have been accepted as convenient, the wireless… The Wireless Security systems have been scrutinized as being restricted in terms of performance.... Studies have indicated that eavesdropping is quite easier in the Wireless Security than in the Local Area Network.... The Wireless Security systems have been scrutinized as being restricted in terms of performance.... Studies have indicated that eavesdropping is quite easier in the Wireless Security than in the Local Area Network....
2 Pages (500 words) Thesis Proposal

Wireless security beyond 802.1x

1 Wireless Security has been safeguarded with the use of 802.... 1 Wireless Security (Gao, Zheng & Lu, 2015).... The technologies include Wireless Security Beyond 802.... x Grade May 25th Wireless Security Beyond 802.... 1 Wireless Security has been safeguarded with the use of 802.... 1 Wireless Security (Gao, Zheng & Lu, 2015).... x technology as the foundation of Wireless Security....
2 Pages (500 words) Essay

Wireless Security Mechanisms

This essay "Wireless Security Mechanisms" focuses on the information being communicated with the help of a network is absolute without any physical constraints.... As of the start of wireless networking, malicious users can move in the streets in their vehicles to carry out 'wardriving' to find out vulnerable wireless networks.... Driving around a business complex or a neighborhood with a wireless-enabled laptop computer, help in connecting to and recording any number of corporate and private networks....
6 Pages (1500 words) Essay

Wireless Security Policy

The paper "Wireless Security Policy" discusses that the notion of Wireless Security policy is principally viewed to be the basis of an organizations' information security.... Thus, it can be affirmed that First Northern Bank prioritizes strengthening Wireless Security policy in order to make its online banking procedure much safer for the users.... fter acquiring a brief idea about the notion of Wireless Security policy, it can be affirmed that the prime purpose of this policy is to forbid the deployment of unsecured and open wireless network access environments (CSIT, 2008)....
5 Pages (1250 words) Assignment

Wireless Network Security Appliances

Wireless Security appliancesDFL-CPG310 Wireless firewall/VPN security applianceDFL-CPG310 provides security to the network by acting as a Firewall to the network, so that packets do not intrude into the network.... There has been the need to have security in the wireless networks with the increase in the wireless devices which have been Abstract With the advent of many wireless technologies, there are many attacks that are geared towards wireless networks.... There has been the need to have security in the wireless networks with the increase in the wireless devices which have been introduced into the market....
7 Pages (1750 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us