Scribd
Upload
15 views18 pages

Chapter 7 - Security

Chapter 7 discusses wireless network threats and vulnerabilities, focusing on WLAN security standards such as WEP, WPA, and WPA2, and their associated risks. It outlines various types of attacks, including passive and active attacks, as well as confidentiality, access control, integrity, availability, and authentication attacks. Additionally, the chapter covers Bluetooth security features and vulnerabilities, along with threats to ad hoc wireless networks.

Uploaded by

epohulll
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
15 views18 pages

Chapter 7 - Security

Chapter 7 discusses wireless network threats and vulnerabilities, focusing on WLAN security standards such as WEP, WPA, and WPA2, and their associated risks. It outlines various types of attacks, including passive and active attacks, as well as confidentiality, access control, integrity, availability, and authentication attacks. Additionally, the chapter covers Bluetooth security features and vulnerabilities, along with threats to ad hoc wireless networks.

Uploaded by

epohulll
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 18

Chapter 7:

Wireless Network Threats


& Vulnerabilities
Learning Outcomes 2

After this module, a student will be able to:


 Describe different types of attackers
 Describe the vulnerabilities of WLAN in general
 Describe WEP, WPA and WPA2 and their vulnerabilities.
 Explain what’s passive attack and what’s active attack. List
two examples of each types attack.
 Describe confidentiality, access control, availability,
authentication and integrity attacks on WLAN.
 Discuss Bluetooth security features
 Describe Bluetooth vulnerabilities and threats
 Describe the threat models of the Ad Hoc wireless network
WLAN Vulnerabilities 3

 WLAN-Flexibility, cost-effectiveness, & easy of installation


 Use of Radio Frequency
 Difficult to contain the signals
 Vulnerabilities in security standards
 Easy to setup often means more network not properly configured
for secure access
Security Standards 4

 WEP (Wired Equivalent Privacy)


 Created in 1999 by IEEE 802.11b
 Provide same level of privacy as that of wired LAN
 40/104 bit key are static & IV is short
 No effective key management
 Encryption algorithm (RC4) Known flaws
 Easy target for cryptanalysis
 Shouldn’t be used in today’s WLAN
Wi-Fi Protected Access (WPA) 5

 Developed in 2004 by 802.11i to address issues of WEP


 Use 48bits TKIP
 Add Integrity protection
 Enterprise and personal mode
 Enterprise mode use EAP and 802.1x for access control
and authentication
 Backward compatible with old device employs WEP
 Still uses RC4
 Vulnerable to dictionary, brute force, and DoS attacks
WPA2 6

 Successor to WPA, ratified by IEEE 11i in


2004
 Most secure security standard available
 Replace RC4 & TKIP with AES and CCMP
for encryption and authentication
 More seamless roaming
 Still have vulnerability
Enterprise Mode Vs. Personal Mode 7

 Exist in WPA & WPA2


 Same encryption algorithms
 Different authentication method
 Enterprisemode – 802.1x, designed for
organizations
 Personal
mode – pre-shared keys, designed for
home use
Wireless security cheat sheet 8

http://searchnetworking.techtarget.com/feature/Wireless-encryption-
basics-Understanding-WEP-WPA-and-WPA2
Attacks to WLAN 9

Passive attack
Traffic analysis
Active attack
Unauthorized access
Rogue access point
Confidentiality Attacks 10

 Traffic analysis
 Eavesdropping
 Man-in-the-Middle attack
 Evil Twin AP
Access Control Attacks 11

 War driving
 Rogue access point
 MAC address spoofing
 Unauthorized access
Integrity Attack 12

 Session hijacking
 Reply attack
 802.11 frame injection attack
 802.11 data replay attack
 802.11 data deletion
Availability Attacks 13

 DoS/ Queensland DoS


 RF Jamming
 802.11 beacon flood
 802.11 association flood
 802.11 de-authentication
 Fake SSID
 EAPOL flood
 AP theft
Authentication Attack 14

 Dictionary & brute force


 Shared key guessing
 PSK cracking
 Application login theft
 Etc.
Bluetooth Security 15

 Security mode 1
 Security mode 2
 Security mode 3
 Security mode 4
Bluetooth Threats & Vulnerabilities 16

 Vulnerabilities
 Encryption key length negotiate
 No user authentication
 Much more
 Threats
 Bluesnarfing

 Bluejacking

 Bluebugging

 Etc.
Ad Hoc Wireless Network Threats 17

 Internal threats
 External threats
 Routing threats
Reference 18
 Praphul Chandra, Bulletproof Wireless Security: GSM, UMTS,
802.11, and Ad Hoc Security, ELSEVIER, 2005.
 Jim Doherty, Wireless and Mobile Device Security, Jones &
Bartlett Learning, 2016.
 https://www.walshcollege.edu/upload/docs/CyberSpring/
Profile%20of%20a%20Cyber%20Attacker%20Presentation.pd
f
 https://thesai.org/Downloads/Volume5No1/Paper_25-
Wireless_LAN_Security_Threats_Vulnerabilities.pdf
 http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpubli
cation800-121r1.pdf
 https://www.utc.edu/center-information-security-
assurance/pdfs/course-paper-5620-ad-hoc-security.pdf

You might also like