
Wireless Security Threats

Introduction

Wireless networking is becoming the choice for business and home users alike, since a wireless network is easier and cheaper to configure in both software and hardware. Information security is therefore a growing concern, both because wireless computer networks are on the increase and because intruders try to intercept confidential information. According to Siep et al. (2000), the standards for wireless computer networks were initiated in 1997. As Stringer (2005) stated, wireless networks can be divided into two architectural modes, namely infrastructure and ad hoc. In infrastructure mode, wireless stations such as laptops and printers communicate with each other and with other network resources through an access point, whereas in ad hoc mode wireless stations communicate with each other directly. Wireless ad hoc networks pose more nontrivial challenges to security design than wired networks. This report illustrates how to prevent and detect wireless security threats, and the action to be taken when they are detected.

How to prevent?
1.      Change default wireless router password

As Notenboom (2009b, http) stated, routers and access points of a particular type share the same default router password, paving the way for attackers to take control of the network easily. It is therefore strongly recommended to change the default router login details at the outset.

2.      Change router password periodically with strong passwords

A strong password is needed to protect data, since malware can carry out complex spoofing attacks simply by altering how and where the router gets its DNS information (Notenboom, 2009a, http). Changing the password regularly prevents security breaches by malicious users.

3.      Firewall to break attacks
Firewalls are used to prevent intruders from entering the wireless network while controlling spyware, remote login, viruses, spam problems, etc. (Tyson, 2000, http). Firewalls come as software or hardware. They can also be used to create a Demilitarized Zone (DMZ), restricting external access to the network (Gite, 2007, http).



Figure 1: How software firewall works (Max, 2006, http)


4.      Data encryption
According to Ahmad et al. (2003), asymmetric and symmetric encryption are the methods used to encrypt the data in packets carried from one device to another, blocking intruders (man-in-the-middle) from accessing the data. The receiving device can decrypt the data with a key which is known only to the sender and receiver.

5.      Set up Access Control List (ACL) in wireless routers
Devices in a wireless network are protected by ACLs, which provide users with access and privileges to specific resources. Once the ACL is enabled, access is denied to any wireless device which is not in the list (Netgear, 2010, http).

6.      Integrity Controls
Integrity controls are needed to ensure that information is not altered or destroyed in an unauthorized manner (Bertino and Sandhu, 2005). As Byun et al. (2006) stated, integrity controls can also be used for information flow control, data verification, autonomous data and the prevention of fraud and error.

7.      Turn off unnecessary devices, features and services
Turning off features and services when they are not needed is a safeguard against intruder attacks. Turning off the wireless network when it is not being used also denies unauthorized access.
Apart from the above methods, disabling SSID (Service Set Identifier) broadcast, enabling MAC filtering, disabling DHCP (Dynamic Host Configuration Protocol) and enabling HTTPS are other important security controls.

How to detect?
1.      Audit Control Software
Audit control is a fundamental requirement for keeping track of users and their activities, spotting suspicious activities, locating users, etc. in a wireless network. Audit controls are therefore useful for identifying those who accessed the network and its resources when any suspicious activity surfaces (TheIndustryRadarBusinessNetwork, 2010).

2.      Wireless Intrusion Detection System (WIDS)
According to Poblete (2005), IDS are used to monitor traffic on the network and detect intrusions, such as a hacker's attempts to break into or misuse a computer system. Poblete further stated that a WIDS monitors packets on the network and attempts to discover whether altering the data has been attempted.


Figure 2: How WIDS works (TechLink, 2010, http)

3.      Honey-pot Network
According to Zolfaghar and Mohammadi (2009) and Guanlin et al. (2009), a honey-pot is designed with false APs or wireless devices which appear to have value and to be an easy target for attackers, being vulnerable and well situated. It is therefore easy to distract intruders, or to attract and trap attackers who attempt to alter the network.


Figure 3: Honey-pot in a network (Guanlin et al., 2009)
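
The audit-log review described under Audit Control Software can be combined with the ACL from the prevention section in a short script. This is an added example, not part of the original report; the log format, the allow-list and the failure threshold are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in a hypothetical access-point audit log format.
SAMPLE_LOG = """\
2010-12-22T09:14:02 ap1 ASSOC mac=00:11:22:33:44:55 result=ok
2010-12-22T09:15:40 ap1 AUTH mac=66:77:88:99:aa:bb result=fail
2010-12-22T09:15:42 ap1 AUTH mac=66:77:88:99:aa:bb result=fail
2010-12-22T09:15:45 ap1 AUTH mac=66:77:88:99:AA:BB result=fail
2010-12-22T09:20:11 ap1 ASSOC mac=de:ad:be:ef:00:01 result=ok
this line is malformed and is skipped
"""
ACL = {"00:11:22:33:44:55", "00:11:22:33:44:66"}  # constructed allow-list

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ap>\S+) (?P<event>ASSOC|AUTH) "
    r"mac=(?P<mac>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}) "
    r"result=(?P<result>ok|fail)$"
)

def parse(log_text):
    """Return one dict per well-formed line, MAC normalised to lower case."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ev = m.groupdict()
            ev["mac"] = ev["mac"].lower()
            events.append(ev)
    return events

def find_suspicious(events, acl, max_failures=3):
    """Flag stations outside the ACL and stations that keep failing to authenticate."""
    allowed = {mac.lower() for mac in acl}
    failures = Counter()
    alerts = []
    for ev in events:
        mac = ev["mac"]
        if ev["result"] == "ok" and mac not in allowed:
            alerts.append((ev["ts"], mac, "not in ACL"))
        if ev["event"] == "AUTH" and ev["result"] == "fail":
            failures[mac] += 1
            if failures[mac] == max_failures:  # alert once, at the threshold
                alerts.append((ev["ts"], mac, "repeated auth failures"))
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious(parse(SAMPLE_LOG), ACL):
        print(*alert)
```

A MAC address can be changed by the station, so a match against the ACL narrows the search but does not prove which device was connected.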


Action to be taken when detected
1.      Change security information
Change the login details in the router, if possible. If changing the login details is not feasible (because the hackers changed the information), reset the router to factory defaults. Then add the necessary security or add MAC address filtering, and change the default password (Hassell, 2006).

2.      Shut down all processes
In order to preserve the state of the network for further investigation, shut all processes off (Hassell, 2006). This also prevents intruders from having access and the network from being hacked further.

3.      Notify stakeholders and important communities
In order to prevent others from being hacked, notify the parties of the network (Hassell, 2006). A clear example is credit card counterfeit fraud, where many card issuers could be targeted by fraudsters because all issuing and acquiring institutions are linked to a single hub.

4.      Observe and preserve evidence to take legal action
A wireless network can be cracked either from inside or outside the network. In order to identify where the threats came from, preserve the scene of the crime. This can be done by taking a bit-for-bit copy of suspected files or by investigating the audit logs, in which all events are logged (Hassell, 2006).
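
One way to take the bit-for-bit copy described above and to show later that it has not changed. This is an added example, not from the original report or from Hassell's checklist; the function names, the manifest file name and the evidence directory layout are assumptions.

```python
import hashlib
import os
import stat
from pathlib import Path

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large files do not fill memory

def sha256_of(path):
    """Hash a file from disk without loading it whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def preserve(src, evidence_dir):
    """Copy src byte for byte into evidence_dir, verify it, and write-protect it."""
    src = Path(src)
    dst = Path(evidence_dir) / src.name
    h = hashlib.sha256()
    # Mode 'xb' refuses to overwrite an evidence copy that already exists.
    with open(src, "rb") as fin, open(dst, "xb") as fout:
        for block in iter(lambda: fin.read(CHUNK), b""):
            h.update(block)
            fout.write(block)
        fout.flush()
        os.fsync(fout.fileno())
    copied = sha256_of(dst)  # re-read the copy from disk and compare
    if copied != h.hexdigest():
        raise OSError(f"hash mismatch for {dst}")
    os.chmod(dst, stat.S_IRUSR)  # owner read-only
    # Manifest uses the "digest  name" layout that sha256sum -c reads.
    with open(Path(evidence_dir) / "manifest.sha256", "a") as m:
        m.write(f"{copied}  {dst.name}\n")
    return dst, copied

def verify(evidence_dir):
    """Return the names of preserved files whose hash no longer matches."""
    evidence_dir = Path(evidence_dir)
    changed = []
    for line in (evidence_dir / "manifest.sha256").read_text().splitlines():
        digest, name = line.split("  ", 1)
        if sha256_of(evidence_dir / name) != digest:
            changed.append(name)
    return changed
```

Keep the manifest, or at least its digests, somewhere other than the evidence directory so that a change to both file and manifest is still noticed.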

Summary

This report discussed how to prevent and detect wireless security threats and the action to be taken when they are detected. Recovery after an intruder attack is not easy, and preventive action is the remedy, though it is expensive and an intangible investment. The above-mentioned actions are necessary to safeguard confidential and important information of the resources in a wireless network and also to take follow-up actions.
It should also be mentioned that hackers always try to explore new ways to counter precautionary measures, and hence system administrators should be vigilant round the clock.

References

Bertino, E. & Sandhu, R. (2005). Database security - concepts, approaches, and challenges. Dependable and Secure Computing, IEEE Transactions on, Vol 2, No 1, pp. 2-19.
Byun, J.-W., Sohn, Y. & Bertino, E. (2006). Systematic control and management of data integrity. Proceedings of the eleventh ACM symposium on Access control models and technologies. Lake Tahoe, California, USA: ACM.
Gite, V. (2007). Linux Demilitarized Zone (DMZ) Ethernet Interface Requirements and Configuration [Online]. nixCraft. Available from: <http://www.cyberciti.biz/faq/linux-demilitarized-zone-howto/> [Accessed 22nd December 2010].
Guanlin, C., Hui, Y. & Zebing, W. (2009). Research of wireless intrusion prevention systems based on plan recognition and honeypot. In: Wireless Communications & Signal Processing, 2009. WCSP 2009. International Conference on, 13-15 Nov. 2009. pp. 1-5.
Hassell, J. (2006). Checklist: 11 things to do after a hack [Online]. iMix. Available from: <http://conven.imix.co.za/node/61231> [Accessed 23rd December 2010].
Max. (2006). Firewalls (2) - How Firewalls Work [Online]. Best Security Tips. Available from: <http://www.bestsecuritytips.com/xfsection+article.articleid+2.htm> [Accessed 22nd December 2010].
Netgear. (2010). Securing Your Wireless Network: Access Control List [Online]. Netgear. Available from: <http://kb.netgear.com/app/answers/detail/a_id/13112/~/securing-your-wireless-network:-access-control-list> [Accessed 22nd December 2010].
Notenboom, L. A. (2009a). How do I change my router's password? [Online]. Puget Sound Software, LLC. Available from: <http://ask-leo.com/how_do_i_change_my_routers_password.html> [Accessed 21st December 2010].
Notenboom, L. A. (2009b). How do I secure my router? [Online]. Puget Sound Software, LLC. Available from: <http://ask-leo.com/how_do_i_secure_my_router.html> [Accessed 21st December 2010].
Poblete, O. (2005). An Overview of the Wireless Intrusion Detection System. SANS Institute InfoSec Reading Room [Online], 1.4. Available from: <http://www.sans.org/reading_room/whitepapers/wireless/overview-wireless-intrusion-detection-system_1599> [Accessed 22nd December 2010].
Siep, T. M., Gifford, I. C., Braley, R. C. & Heile, R. F. (2000). Paving the way for personal area network standards: an overview of the IEEE P802.15 Working Group for Wireless Personal Area Networks. Personal Communications, IEEE, Vol 7, No 1, pp. 37-43.
Stringer, L. (2005). Detecting and Investigating Wireless LAN Security Breaches [Online]. Available from: <http://homepage.ntlworld.com/leon.stringer/cs/FCC/Detecting_and_Investigating_Wireless_LAN_Security_Breaches.pdf>.
TechLink. (2010). Wireless Network Intrusion Detection [Online]. TechLink. Available from: <http://techlinkcenter.org/summaries/wireless-network-intrusion-detection> [Accessed 22nd December 2010].
TheIndustryRadarBusinessNetwork. (2010). Protecting Your Clients and Your Business: From Risk Assessment to Compliance and Encryption. Available from: <http://digitalbenefits.typepad.com/HITECH/HHDummies.pdf> [Accessed 22nd December 2010].
Tyson, J. (2000). How Firewalls Work [Online]. HowStuffWorks, Inc. Available from: <http://www.howstuffworks.com/firewall.htm#> [Accessed 21st December 2010].
Zolfaghar, K. & Mohammadi, S. (2009). Securing Bluetooth-based payment system using honeypot. In: Innovations in Information Technology, 2009. IIT '09. International Conference on, 15-17 Dec. 2009. pp. 21-25.



 

 

