Page 215 - DCAP311_DCAP607_WIRELESS_NETWORKS
P. 215
Unit 13: Wireless Networks Security
Notes
Did u know? In a home wireless network, you can use a variety of simple security procedures
to protect your Wi-Fi connection. These include enabling Wi-Fi Protected Access, changing
your password or network name (SSID) and closing your network. However, you can also
employ additional, more sophisticated technologies and techniques to further secure your
business network.
13.2 Security Threats
All computer systems and communications channels face security threats that can compromise
systems, the services provided by the systems, and/or the data stored on or transmitted between
systems. The most common threats are:
z z Denial-Of-Service (DOS) occurs when an adversary causes a system or a network to
become unavailable to legitimate users or causes services to be interrupted or delayed.
Consequences can range from a measurable reduction in performance to the complete
failure of the system. A wireless example would be using an external signal to jam the
wireless channel. There is little that can be done to keep a serious adversary from mounting
a denial of service attack.
z z Interception has more than one meaning. A user’s identity can be intercepted leading to a
later instance of masquerading as a legitimate user or a data stream can be intercepted and
decrypted for the purpose of disclosing otherwise private information. In either case, the
adversary is attacking the confidentiality or privacy of the information that is intercepted.
z z For example: eavesdropping and capturing the wireless interchanges between a wireless
device and the network access point.
z z Since wireless systems use the radio band for transmission, all transmissions can be readily
intercepted. Therefore, some form of strong authentication and encryption is necessary in
order to keep the contents of intercepted signals from being disclosed.
z z Manipulation means that data has been inserted, deleted, or otherwise modified on a system
or during transmission. This is an attack on the integrity of either the data transmission or
on the data stored on a system. An example would be the insertion of a Trojan program
or virus on a user device or into the network. Protection of access to the network and its
attached systems is one means of avoiding manipulation.
z z Masquerading refers to the act of an adversary posing as a legitimate user in order to gain
access to a wireless network or a system served by the network.
z z For example, a user with inappropriate access to a valid network authenticator could
access the network and perform unacceptable functions (e.g., break into a server and plant
malicious code, etc.). Strong authentication is required to avoid masquerade attacks.
z z Repudiation is when a user denies having performed an action on the network. Users might
deny having sent a particular message or deny accessing the network and performing
some action. Strong authentication of users, integrity assurance methods, and digital
signatures can minimize the possibility of repudiation.
13.3 Traffic Monitoring
13.3.1 Monitoring Requirements
To plan for wireless traffic monitoring, there are few thing to consider. It’s not hard and you just
need to prepare something software and hardware.
LOVELY PROFESSIONAL UNIVERSITY 209
