Wireless LANs: Components and Security Issues

Slide Note
Embed
Share

Wireless LANs use radio waves to connect users within a building or campus. This technology overview covers IEEE 802.11 standards, migration to WLANs, and connection to wired LANs through access points. Understanding the specialized protocols, security considerations, and performance differences is essential for deploying secure wireless networks.

onik
onik Follow

Uploaded on Sep 12, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. 1. Components Of wireless networks Security issues in wireless

  2. Wireless Technology overview The IEEE 802.11 WLAN Standards Secure Wireless LANs Migrating to Wireless LANs (Cutting the cord)

  3. A wireless LAN or WLAN is a wireless local area network that uses radio waves as its carrier. The last link with the users is wireless, to give a network connection to all users in a building or campus. The backbone network usually uses cables

  4. The wireless LAN connects to a wired LAN There is a need of an access point that bridges wireless LAN traffic into the wired LAN. The access point (AP) can also act as a repeater for wireless nodes, effectively doubling the maximum possible distance between nodes.

  5. Complete Wireless Networks The physical size of the network is determined by the maximum reliable propagation range of the radio signals. Referred to as ad hoc networks Are self-organizing networks without any centralized control Suited for temporary situations such as meetings and conferences. image_1

  6. Wireless LANs operate in almost the same way as wired LANs, using the same networking protocols and supporting the most of the same applications.

  7. They use specialized physical and data link protocols They integrate into existing networks through access points which provide a bridging function They let you stay connected as you roam from one coverage area to another They have unique security considerations They have specific interoperability requirements They require different hardware They offer performance that differs from wired LANs.

  8. Physical Layer: The wireless NIC takes frames of data from the link layer, scrambles the data in a predetermined way, then uses the modified data stream to modulate a radio carrier signal. Data Link Layer: Uses Carriers-Sense-Multiple-Access with Collision Avoidance (CSMA/CA).

  9. Wireless Access Points (APs) - a small device that bridges wireless traffic to your network. Most access points bridge wireless LANs into Ethernet networks, but Token-Ring options are available as well.

  10. Users maintain a continuous connection as they roam from one physical area to another Mobile nodes automatically register with the new access point. Methods: DHCP, Mobile IP IEEE 802.11 standard does not address roaming, you may need to purchase equipment from one vendor if your users need to roam from one access point to another.

  11. In theory, spread spectrum radio signals are inherently difficult to decipher without knowing the exact hopping sequences or direct sequence codes used The IEEE 802.11 standard specifies optional security called "Wired Equivalent Privacy" whose goal is that a wireless LAN offer privacy equivalent to that offered by a wired LAN. The standard also specifies optional authentication measures.

  12. Before the IEEE 802.11 interoperability was based on cooperation between vendors. IEEE 802.11 only standardizes the physical and medium access control layers. Vendors must still work with each other to ensure their IEEE 802.11 implementations interoperate Wireless Ethernet Compatibility Alliance (WECA) introduces the Wi-Fi Certification to ensure cross-vendor interoperability of 802.11b solutions

  13. PC Card, either with integral antenna or with external antenna/RF module. ISA Card with external antenna connected by cable. Handheld terminals Access points

  14. CISCO Aironet 350 series Wireless Handheld Terminal BreezeCOM AP Semi Parabolic Antenna

  15. 802.11a offers speeds with a theoretically maximum rate of 54Mbps in the 5 GHz band 802.11b offers speeds with a theoretically maximum rate of 11Mbps at in the 2.4 GHz spectrum band 802.11g is a new standard for data rates of up to a theoretical maximum of 54 Mbps at 2.4 GHz.

  16. A family of wireless LAN (WLAN) specifications developed by a working group at the Institute of Electrical and Electronic Engineers (IEEE) Defines standard for WLANs using the following four technologies Frequency Hopping Spread Spectrum (FHSS) Direct Sequence Spread Spectrum (DSSS) Infrared (IR) Orthogonal Frequency Division Multiplexing (OFDM) Versions: 802.11a, 802.11b, 802.11g, 802.11e, 802.11f, 802.11i

  17. Most wireless LAN products operate in unlicensed radio bands 2.4 GHz is most popular Available in most parts of the world No need for user licensing Most wireless LANs use spread-spectrum radio Resistant to interference, secure Two popular methods Frequency Hopping (FH) Direct Sequence (DS)

  18. Issues In Wireless Security

  19. (as per the 1999 spec) Authentication Tied to association (session between station and AP) Open system - all stations may associate Shared key - stations must know secret Integrity Privacy

  20. (as per the 1999 spec) Authentication Integrity - Integrity Check (IC) field 32 bit CRC in encrypted payload Not separately keyed Vulnerable to bit-flipping attacks Privacy

  21. (as per the 1999 spec) Authentication Integrity Privacy - Wired Equivalent Privacy (WEP) RC4 cipher (relies on XOR) Up to 4 keys per station (40 bit or 104 bit) Initialization Vector (IV) 24 bit extension to key Provides some randomization to key Unfortunately, keyspace is small!

  22. Say an AP constantly sends 1500 byte frames at 11 Mbps Keyspace is exhausted in 5 hours Will be quicker if packets are smaller Original IV algorithms made things much worse Some cards used same IV for multiple packets Some cards reset IV to 0 after initialization Some cards increment IV by 1 after each packet WEP+ fixed these Weak IV issues

  23. Improve authentication System wide common login Improve integrity Separate integrity key Stronger integrity algorithm Improve privacy Increase keyspace size (make cracker analyze more data in order to recover key) Per -user keys Key rollover Stronger privacy algorithm

  24. IEEE 802.11i - IEEE 802.11 task group MAC enhancement for wireless security Wi-Fi Alliance WPA - subset of 802.11i Compatible with earlier draft Defined for BSS only Defined for current hardware WPA has two major components Authentication TKIP encryption

  25. Authentication 802.1x (not 802.11x) - defined for both wired and wireless session establishment EAP (Extensible Authentication Protocol) - generic wrapper for authentication traffic EAP impact Authentication is between laptop and server - AP is pretty clueless Different auth methods, updating auth methods do not require upgrades on AP Pre-Shared Key (PSK) - for SOHO networks

  26. Temporal Key Integrity Protocol (TKIP) Stronger privacy Still uses RC-4 encryption Key rollover (temporal key) Stronger integrity Message Integrity Code (MIC) - computed with own integrity algorithm (MICHAEL) Separate integrity key Integrity counter measures

  27. Additions over WPA IBSS (ad-hoc mode) authentication - what does a security context mean without a trusted third party? Is PSK enough? Counter-Mode/CBC-MAC Protocol (CCMP) Privacy: AES-CCM (128 bit key) Integrity: CBC-MAC

  28. Does not secure 802.11 management control and action frames Disassociate, output power, etc. Fundamental dilemma: does 802.11i secure 1. Traffic carried by the network? 2. Network elements themselves?

Related


Understanding IEEE 802.11b Wireless LANs

Understanding IEEE 802.11b Wireless LANs

kenai
Scrolls:Rolling Flexible Surfaces for Wideband Wireless

Scrolls:Rolling Flexible Surfaces for Wideband Wireless

prudence
Understanding Wireless Communication Networks by Dr. K. Gopi at SITAMS

Understanding Wireless Communication Networks by Dr. K. Gopi at SITAMS

thelonious
Understanding LAN Interconnection and Switching Technologies

Understanding LAN Interconnection and Switching Technologies

agros
Understanding Wireless Security Audits and Best Practices

Understanding Wireless Security Audits and Best Practices

muriel
Rate Optimization in Wideband RIS-assisted Wireless Systems

Rate Optimization in Wideband RIS-assisted Wireless Systems

llewellyn
Tamper-Evident Pairing (TEP) Protocol for Secure Wireless Pairing Without Passwords

Tamper-Evident Pairing (TEP) Protocol for Secure Wireless Pairing Without Passwords

quer_sna
A Hybrid Intrusion Detection System Approach for IEEE 802.11 Wireless Networks

A Hybrid Intrusion Detection System Approach for IEEE 802.11 Wireless Networks

leeandrap
Understanding the Roles of a Security Partner

Understanding the Roles of a Security Partner

zaara
Understanding Wireless Power Technology

Understanding Wireless Power Technology

jcasa
Enhancing Wireless Programming Tools for Improved Development Efficiency

Enhancing Wireless Programming Tools for Improved Development Efficiency

attanasio_m
Wireless Sensing Privacy Discussions in May 2023 Document

Wireless Sensing Privacy Discussions in May 2023 Document

arwen
Understanding the Role of Security Champions in Organizations

Understanding the Role of Security Champions in Organizations

irvin
Evolution of Wireless-Wireline Convergence in 5G Networks

Evolution of Wireless-Wireline Convergence in 5G Networks

darya
Understanding Wireless Propagation Models: Challenges and Applications

Understanding Wireless Propagation Models: Challenges and Applications

cea_ly
A Review of Wireless Body Area Networks for Medical Applications

A Review of Wireless Body Area Networks for Medical Applications

michalina
Wireless TSN in 802.11: New Requirements and Integration with 802.1

Wireless TSN in 802.11: New Requirements and Integration with 802.1

jaxxon
Enhancing Throughput in Multi-Hop Wireless Networks Using Reconfigurable Antennas

Enhancing Throughput in Multi-Hop Wireless Networks Using Reconfigurable Antennas

lberk
Understanding Different Types of Wireless Transmission Media

Understanding Different Types of Wireless Transmission Media

wrenlee
Guide to Creating Access from Wired to Wireless Devices Using Airborne AP Ethernet Bridge

Guide to Creating Access from Wired to Wireless Devices Using Airborne AP Ethernet Bridge

clementine
Exploring Considerations for Next-Gen Wireless Networks

Exploring Considerations for Next-Gen Wireless Networks

dennis23
Enhancing Wireless Spectrum Efficiency with Distributed-Tone Resource Units in IEEE 802.11

Enhancing Wireless Spectrum Efficiency with Distributed-Tone Resource Units in IEEE 802.11

honora
The THz Channel Model in Wireless Data Center

The THz Channel Model in Wireless Data Center

aval946
Understanding Wireless Network Threats and Vulnerabilities

Understanding Wireless Network Threats and Vulnerabilities

jes_mcg

More Related Content

Understanding VLANs in Computer Networking
Understanding VLANs in Computer Networking
Challenges and Solutions in Wireless Ad Hoc Networks
Challenges and Solutions in Wireless Ad Hoc Networks
International Approaches to Enhance Nuclear Safety and Security
International Approaches to Enhance Nuclear Safety and Security
Understanding Wireless Wide Area Networks (WWAN) and Cellular Network Principles
Understanding Wireless Wide Area Networks (WWAN) and Cellular Network Principles
Understanding Cyber Security and Risks
Understanding Cyber Security and Risks
Overview of Social Security and Health Care System in Turkey
Overview of Social Security and Health Care System in Turkey
Legal Framework on Information Security in the Ministry of Trade, Tourism, and Telecommunication
Legal Framework on Information Security in the Ministry of Trade, Tourism, and Telecommunication
Overhead Analysis of Coordinated Spatial Reuse in IEEE 802.11-23
Overhead Analysis of Coordinated Spatial Reuse in IEEE 802.11-23
Understanding Provable Security Models in Cryptography
Understanding Provable Security Models in Cryptography
Comprehensive Guide to Designing Physical Security and Security Planning by Susan Lincke
Comprehensive Guide to Designing Physical Security and Security Planning by Susan Lincke
Certification and Training in Information Security
Certification and Training in Information Security
Enhancing SWIFT Security Measures for ReBIT: March 2018 Update
Enhancing SWIFT Security Measures for ReBIT: March 2018 Update
Evolving Security Practices in DevOps: A Holistic Approach
Evolving Security Practices in DevOps: A Holistic Approach
Understanding Computer Security Principles and Practices
Understanding Computer Security Principles and Practices
Understanding Security Threats and Countermeasures
Understanding Security Threats and Countermeasures
Designing Distributed and Internet Systems
Designing Distributed and Internet Systems
Understanding Internet Connections and Services
Understanding Internet Connections and Services
Understanding Token Ring Technology in Computer Networks
Understanding Token Ring Technology in Computer Networks
BCA 601(N): Computer Network Security
BCA 601(N): Computer Network Security
Enhancing Security Definitions for Functional Encryption
Enhancing Security Definitions for Functional Encryption
TSA Updates on Security Training Rule for OTRB Companies
TSA Updates on Security Training Rule for OTRB Companies
AEP Enterprise Security Program Overview - June 2021 Update
AEP Enterprise Security Program Overview - June 2021 Update
Understanding Transport Layer Security (TLS)
Understanding Transport Layer Security (TLS)
Understanding Security Onion: Network Security Monitoring Tools
Understanding Security Onion: Network Security Monitoring Tools