BSc (Hons.) Computer Science with Network Security. Examinations for 2011/ Semester 2

Size: px

Start display at page:

Download "BSc (Hons.) Computer Science with Network Security. Examinations for 2011/2012 - Semester 2"

Clarence Price
9 years ago
Views:

1 BSc (Hons.) Computer Science with Network Security BCNS/09/FT Examinations for 2011/ Semester 2 MODULE: WIRELESS NETWORK SECURITY MODULE CODE: SECU 3105 Duration: 2 Hours 15 Minutes Reading time: 15 minutes Instructions to Candidates: 1. Answer any four questions out of the six questions. 2. Always start a new question on a fresh page. 3. All questions carry equal marks. 4. Total marks: 100 This question paper contains 6 questions and 7 pages. Page 1 of 7

SECURITY MODULE CODE: SECU 3105 Duration: 2 Hours 15 Minutes Reading time: 15 minutes Instructions to Candidates: 1.

QUESTION 1: (25 MARKS) ANSWER ANY 4 QUESTIONS Consider a number of wireless devices (nodes) which are connected to the Internet via a single access point (AP).

2 QUESTION 1: (25 MARKS) ANSWER ANY 4 QUESTIONS Consider a number of wireless devices (nodes) which are connected to the Internet via a single access point (AP). (a) Give three reasons why security is more of a concern in this type of wireless network? (b) List the three main goals of information security. (c) Explain how CSMA/CA is used with Wireless LANs. (d) Explain the differences between war driving and war flying. (e) Which two conditions have favoured adoption of g over a? (f) Describe the different steps adopted by an attacker during wireless hacking process. (10 marks) Page 2 of 7

(b) List the three main goals of information security. (c) Explain how CSMA/CA is used with Wireless LANs.

3 QUESTION 2: (25 MARKS) The security architecture and protocol is called Wired Equivalent Privacy (WEP) and it is responsible for providing authentication, confidentiality and data integrity in networks. (a) Briefly, explain the differences between Open System Authentication and Shared Key Authentication, as used in WEP. Which one is more secure? (4 + 1 marks) (b) The absence of any key establishment protocol in WEP led to multiple problems. List any three problems. (c) Explain the purpose of using beacons while connecting to wireless LANs. (1 mark) (d) What are the two WEP key lengths? (e) Explain what is meant by the term Initialisation Vector (IV). (f) WEP has been known to have various security vulnerabilities, leading to its failure. i. Describe any three vulnerabilities of using WEP. ii. Briefly explain how FMS attack can be performed and give any one common tool used by attackers. iii. However, even today WEP encryption is still used in some networks. Explain how to best make use of WEP in such networks. ( marks) Page 3 of 7

(a) Briefly, explain the differences between Open System Authentication and Shared Key Authentication, as used in WEP. Which one is more secure?

4 QUESTION 3: (25 marks) (a) Give one reason why WPA2 encryption is preferred over WEP? (b) By using an appropriate diagram, describe how the 802.1x authentication model is mapped to Wi-Fi. (8 marks) (c) What do the following acronyms stand for? i. RADIUS ii. EAPOL (2 + 2 marks) (d) Give two salient features of using AES in counter mode for WPA2. (e) One of the main reasons in using EAP is the ability to leverage multiple types of authentication mechanisms. List any two such authentication mechanisms. (f) Consider the following a list of loopholes found in WEP. Explain how WPA fix each of these loopholes: i. No protection against replay attacks. ii. No support for a station to authenticate a network. iii. Exposing the master key to attacks like FMS (due to generation of perpacket key) ( marks) Page 4 of 7

(e) One of the main reasons in using EAP is the ability to leverage multiple types of authentication mechanisms. List any two such authentication mechanisms.

5 QUESTION 4: (25 marks) Radio Frequency Identification (RFID) is about devices and technology that use radio signals to exchange identifying data. (a) Give two typical uses of RFID systems. (b) Explain the difference between active and passive tags. (c) Explain how complacency can cause serious security problems to businesses adopting RFID technology. (d) Describe two common techniques that fraudsters can adopt in order to temporarily disable RFID tags. (e) Briefly describe any two types of radio frequency manipulation attacks. (f) Briefly explain on the following attacks to RFID systems: i. Relay attack ii. Side channel attack (g) Unauthorized tag reading has often been a security challenge for RFID systems. Describe two mechanisms that can be adopted to enforce confidentiality during transmission of RFID components. Page 5 of 7

(d) Describe two common techniques that fraudsters can adopt in order to temporarily disable RFID tags. (e) Briefly describe any two types of radio frequency manipulation attacks.

6 QUESTION 5: (25 MARKS) (a) Consider the branch of a Wireless Mesh Network (WMN) where a mobile station MS is within the transmission range of TAP 3 and relies on it to get Internet connectivity. i. Explain the function of a TAP. ii. Give two advantages of adopting WMNs. iii. Why is the security of multi-hop routing important in WMNs? iv. Explain any one technique that an adversary can use to attack the routing mechanism in this scenario. v. Give two reasons why WMNs are not ready for wide-scale deployment. ( marks) (b) Vehicular Communications (VC), which is still a research area, is expected to play a central role in the effort to create safer and more efficient driving conditions after a few decades. i. Briefly, describe three security vulnerabilities of VC. ii. Why is privacy an issue in vehicular networks, considering that today's vehicles have license plates? iii. Network volatility is one of the most significant operational challenges to vehicular communications, thus making security a hard problem. Discuss. ( marks) (c) Briefly explain how denial of service attacks are performed on mobile nodes by attackers. Also, describe how Mobile IP prevents such denial of service attacks. (2 + 2 marks) Page 6 of 7

Explain any one technique that an adversary can use to attack the routing mechanism in this scenario. v. Give two reasons why WMNs are not ready for wide-scale deployment.

7 QUESTION 6: (25 MARKS) An overall rise in mobility, coupled with the falling cost of Wi-Fi equipment, has led to a proliferation of Wi-Fi hot spots in public areas, such as coffee shops and airports, to provide Internet accessibility. However, this proliferation has also engendered growing security concerns. (a) By the use of a diagram, describe the typical architecture for Wi-Fi hotspots. (8 marks) (b) List three security vulnerabilities of the controller in Wi-Fi hotspots. (c) In terms of Wi-Fi hotspot security, explain what a service theft attack is. (d) Differentiate between active session hijacking and passive session hijacking. (4 mark) (e) Discuss on the defensive security mechanisms that can be employed in order to better secure public Wi-Fi hotspots. (7 marks) ***END OF QUESTION PAPER*** Page 7 of 7

(8 marks) (b) List three security vulnerabilities of the controller in Wi-Fi hotspots. (c) In terms of Wi-Fi hotspot security, explain what a service theft attack is.

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared